Sensitive data

Sensitive data is a special category of personal data under the GDPR.

The following types of information fall under this definition:

  • health data
  • racial or ethnic origin
  • religious beliefs
  • sexual orientation
  • trade-union memberships
  • political opinions
  • biometric data

As a Data controller, you must meet the following conditions in order to process sensitive data:

  • You must obtain user consent
  • The processing is necessary to protect the vital interests of the data subject when one is unable to give consent
  • The data subject has revealed the sensitive data publicly
  • It is necessary for claims or in a legal process
  • Processing the data for reasons of substantial public interest on the basis of EU or national law
  • You are processing the data for preventive or occupational medicine
  • The processing is required for public health reasons – preventing epidemics, etc.

For more details we recommend reading this article prepared by the European Commission.

What’s more, such data requires special protection from unauthorized access to ensure that the privacy and security of both individuals and companies is properly guarded. You can read about this here.

April 12, 2022

Customer journey analytics 101: what it is and why it's important for your business

Customer journey analytics helps businesses build a consistent buyer’s journey and outperform competitors. Learn how it empowers your organization.

Read more

March 21, 2022

Comparison of 6 free and paid mobile app analytics platforms

As a product manager or app developer, your priority should not only be to deliver an app that works well or has a nice design. You also need to understand your users in order to improve the app’s performance. That requires asking the right questions and getting insights that you can depend on. A mobile […]

Read more

Other definitions

Recent posts from Piwik PRO blog