GDPR acronyms and GDPR Terminologies | Your Ready Reckoner


GDPR, as you should already know, is a regulation in the EU that requires businesses to protect the personal data of EU citizens. Non-compliance with this regulation can cost companies a fortune, thanks to the hefty fines that the authorities can impose.


Yes, GDPR has introduced sweeping changes to the privacy regime. Companies and businesses had approx. 2 years to prepare for the change, and now the deadline has passed. However, it is never too late – you can read more on GDPR here.



25th May.


But many businesses are still preparing to be in compliance with GDPR. To my knowledge, many businesses are not even aware of the basic GDPR acronyms and GDPR terminologies.


In fact, according to TechRepublic, many companies aren’t prepared at all.


According to them, a new report found that 60% of businesses are likely to miss the GDPR compliance deadline of May 25, 2018.


The report, compiled by Crowd Research Partners, further reveals that only seven percent of businesses report being in compliance with the GDPR, and 28% have not even begun to work toward the May 25 deadline.


That’s scary!


If you haven’t begun complying with it, this GDPR compliance checklist can help you out, along with this post, which explains the basic GDPR acronyms and GDPR terminologies.


Oh god! Like there weren’t enough already!


You’re right! However, considering the digital marketing field is so full of acronyms already, 5-6 GDPR acronyms will be a cakewalk to remember. Isn’t it?


Let’s start with the GDPR acronyms:


  1. GDPR – Basics first. It stands for General Data Protection Regulation.
  2. DPO – Data Protection Officer. Businesses are encouraged to appoint a person who will oversee the manner in which a company collects, stores and processes data (especially any personal data of EU citizens).
  3. ISA – Independent Supervisory Authority. Currently, the EU has a DPA (Data Protection Authority) that supervises the application of data protection laws. This authority has been renamed to Independent Supervisory Authority or ISA under the GDPR regime.



And, the next GDPR acronym can confuse you, but hang in there.


  4. DPA – Data Processing Addendum [not Data Protection Authority because, remember, that is replaced by ISA]. DPA refers to the contract that covers how a data controller's processing vendors comply with GDPR.
  5. DPIA – Data Protection Impact Assessment. As the name suggests, a DPIA will help you understand, identify, assess and take actions to mitigate any risk.


There you go!


These are some of the most important GDPR acronyms that you need to know.


Now that we are familiar with these GDPR acronyms, let’s move on to GDPR terminologies. Everyone has probably heard or read of these GDPR terminologies, but not everyone knows what they mean.


Let’s start.


  • Consent should be
    1. freely given
    2. specific
    3. informed and
    4. explicit by statement or action signifying that the individual agrees that their personal data can be processed.


  • Data Controller is any entity (natural or legal) that determines the purposes, conditions, and means of the processing of personal data. Similarly, a Data Processor is an entity that processes data on behalf of the Data Controller.


  • Personal Data – any information that relates to a natural person (an individual or data subject in this case) and that can directly or indirectly identify the person. For example, ID number, location, any social, economic or other factors.


  • Personal Data Breach – a breach of security leading to the accidental or unlawful access to, destruction, disclosure, misuse, etc. of personal data




  • Right to be Forgotten – also known as Data Erasure, entitles an individual to ask the data controller to erase his/her personal information, cease dissemination and potentially have third parties cease processing of the data as well.


  • Data Subject – a natural person whose personal data is in question


  • Pseudonymisation – the processing of personal data such that it can no longer be attributed to a single individual or data subject without the use of additional data.


  • Binding Corporate Rules (BCRs) – a set of rules which allow multinational companies and organizations to transfer personal data from the EU to their affiliates outside the EU (but within the organization)


Look, GDPR acronyms and terminologies need not be cumbersome. As marketers, we all need to appreciate the privacy of data and take actions to be in compliance with these laws.


That said, this is definitely not an exhaustive list of GDPR acronyms and GDPR terminologies, but it contains everything that will help you understand the regulation better. Also, this checklist can help you out in getting started.


It is time to add them to your marketing vocabulary and start using them as casually as we use MQL, SQL, SEO, SERP etc. After all, they are a part of our everyday life now. Right?


Did we miss out on any important GDPR acronyms and GDPR terminology? Do let us know and we will include that in the list.


Also, tell us, are you GDPR ready? Have you put in place the required processes or systems? We would love to hear from you in the comments section.


Note – No information in this article should be taken as legal advice. It is recommended that companies obtain professional legal advice on matters pertaining to GDPR or other similar regulations.


Author Ameet Bhinganiya

Ameet is the co-founder of OnlyB2B ITES Pvt Ltd, a Lead Generation Expert, and brings 10+ years of experience working with Marketing, Advertisements, NGO, BPO, and ITES etc.