What Data Am I Allowed to Collect?
Phew! You've digested a lot of information, and a great deal of laws, rules, and norms about data. It can be a mouthful, but it's incredibly important to understand.
Just like you can't drive a car without knowing the traffic rules, you also can't deal with data without knowing something about the GDPR. In both cases, you run the risk of a hefty fine, at the very least!
In this section, we've examined what data one is allowed to collect, and how to legally handle collected data. We've become more familiar with the GDPR, looked at what counts as personal data, and untangled some words and phrases often encountered in connection with the data protection regulation.
You now know that the GDPR provides six different bases of processing, as well, and that one or more of these must underpin any data collection and processing. Furthermore, we've discussed what constitutes valid consent, and discussed data protection principles such as lawfulness, fairness, transparency, and accuracy.
You've also learned what is defined as sensitive information, and have also reflected a bit on the ethical waters around what's legal—and what's acceptable.