What Counts as ‘Personal Data’ Under the GDPR?

by Kyle McIndoe

October 10, 2019
Legal guides, Others, Starting a Business

Share at:

Kyle McIndoe Judge's Associate

Kyle is a former international athlete who has transformed the behaviours, knowledge and discipline gained through elite sport into a professional career. Formerly a Legal Intern at Lawpath, he now works as Judge’s Associate for the District Court of NSW.

The General Data Protection Regulation (GDPR) is a European law on data protection and privacy for citizens of the European Union. It predominantly addresses personal data. However, many people don’t understand what this means under the GDPR. We break it down below, to ensure that you accurately understand what it contains.

Definition of personal data

A section of the GDPR defines what personal data entails. It includes any information that is related to an identified or identifiable person. If a person can be recognised through any identifier it may be considered personal. This includes:

Name.
Location data.
Identification number.
Online identifier.

In short, if an individual can be identified through any kind of data, it falls within the definition.

How deep does this extend?

The definition includes ‘any information’. Thus, the definition needs to be interpreted broadly. Numerous cases have proven this, considering less explicit information such as recordings of employee’s shift times, break times and IP addresses. It even includes written information on a test.

Personal data doesn’t need to be objective. Subjective information such as opinions, judgements or even personal estimates may constitute personal data.

Does it only extend to people?

Part of the definition includes ‘identified or identifiable persons’. It must be a natural person. Therefore, these laws do not protect information about businesses, corporations or institutions. However, natural people have capacity under the definition from the moment they are born, to the moment they die.

When is data not personal?

Data that has been made anonymous to the extent that an individual is not identifiable is when it ceases to be personal data. There must be no link between the data, and the person it belongs to. If there is even a hint that it belongs to the person, then it may be classed as personal.

Final thoughts

Before understanding how the law operates, it’s necessary to understand what kind of information the law is built to protect. Personal data is any data that may attributed to a natural person. To ensure you meet these requirements, a GDPR Privacy Policy is specifically created to abide with this framework for your business. For further enquiries on the topic, a privacy lawyer may be able to assist.

Don’t know where to start? Contact us on 1800 529 728 to learn more about customising legal documents and obtaining a fixed-fee quote from Australia’s largest lawyer marketplace.

Share at:

Repudiation vs. Rescission of Contracts (2026 Update)

Signing a Document? Who Can Witness a Signature?

What is Statute of Limitations in Australia?

What Is A Joint Venture Agreement?

How To Start A Document Shredding Business

How to Start a Gift Bundling Business

Why Do You Need Contracts for Freelance Services?

Tax Concessions Small Businesses Should Know

What Happens If You Break a Contract? The Ultimate Guide to Contractual Remedies (2026 Update)

Legal Documents You Need For Your Website

5 Legal Documents for Your Disability and NDIS Businesses & Why You Need Them

What’s the Difference Between an ABN and ACN? (2026 Update)

What is the Difference Between Casual vs Full-time Employment?

Get the latest news

By clicking on 'Sign up to our newsletter' you are agreeing to the Lawpath Terms & Conditions

eBook

Download our eBook,
Hiring Your First Employee

Our eBook covers the necessary legal and financial considerations you should make when hiring your first employee.

What Happens If You Break a Contract? The Ultimate Guide to Contractual Remedies (2026 Update)

Contractual breaches can be devastating. Learn exactly what you can do and what remedies the courts may grant to rectify them.

Mai Sarkissian
06/18/2026

Can a Handwritten Agreement Hold Up in Court?

Is a handwritten agreement a legally binding agreement? Turns out, what is on the inside is what truly counts.

Paul Taylor
06/18/2026

Terms of Service vs Terms & Conditions: What’s Different?

Terms Of Service and Terms and Conditions are an integral part of the online business world, and are a legal requirement for websites. Read about them here.

Register a Company

Tax Plan

Virtual Office