The Data Privacy Vocabulary (DPV) provides terms (classes and properties) to describe and represent information related to processing of personal data based on established requirements such as for the EU General Data Protection Regulation (GDPR). The DPV is structured as a top-down hierarchical vocabulary with the core or base concepts of personal data categories, purposes of processing and types of processing, data controller(s) associated, recipients of personal data, legal bases or justifications used, technical and organisational measures and restrictions (e.g. storage locations and storage durations), applicable rights, and the risks involved.

The namespace for DPV terms is http://www.w3.org/ns/dpv#
The suggested prefix for the DPV namespace is dpv
The DPV and its documentation is available on GitHub.

This document is published by the Data Privacy Vocabularies and Controls Community Group (DPVCG) as a deliverable and report of its work in creating and maintaining the Data Privacy Vocabulary (DPV).

Contributing to the DPV and its extensions The DPVCG welcomes participation regarding the DPV, including expansion or refinement of its terms, addressing open issues, and welcomes suggestions on their resolution or mitigation.

While we welcome participation via any and all mediums - e.g., via Github pull requests or issues, emails, papers, or reports - the formal resolution of contributions takes place only through the DPVCG meeting calls and mailing lists. We therefore suggest joining the group to participate in these discussions for formal approval.

For contributions to the DPV, please see the section on GitHub. The current list of open issues and their discussions to date can be found at GitHub issues.

Introduction

The Data Privacy Vocabulary provides terms (classes and properties) to describe and represent information about personal data handling. In particular, the vocabulary provides extensible taxonomies of terms to describe the following components:

These terms are intended to represent personal data handling as machine-readable information by specifying personal data categories undergoing processing, its purpose(s), the data controller(s) involved, recipient(s) of this data, the legal bases or justifications used (e.g. consent or legitimate interest), involving technical and organisational measures and restrictions (e.g. storage location and storage duration), the applicable rights, and possibility of risks.

As some concepts, e.g. Legal Bases, are defined and dependant on legal jurisdictions - these are provide as a separate 'extension' of the DPV. The scope of DPV is intended to be as a 'general vocabulary', and the extensions expand it to required jurisdictions, domains, and use-case specific requirements. The DPV-GDPR extension models concepts such as legal bases and rights provided by the GDPR.

Examples of applications where the concepts provided by the DPV can be used are:

  1. represent policies for personal data handling
  2. represent information about consent i.e. what it is about
  3. log/document personal data handling actions e.g. activities of data controller
  4. represent input data for automated checking of legal compliance

Namespaces

The namespace for DPV vocabulary is http://www.w3.org/ns/dpv#. The table below indicates the full list of namespaces and prefixes used in this document.

Prefix Namespace
dct http://purl.org/dc/terms/
dpv http://www.w3.org/ns/dpv#
dpv-gdpr http://www.w3.org/ns/dpv-gdpr#
dpv-nace http://www.w3.org/ns/dpv-nace#
odrl http://www.w3.org/ns/odrl/2/
owl http://www.w3.org/2002/07/owl#
rdf http://www.w3.org/1999/02/22-rdf-syntax-ns#
rdfs http://www.w3.org/2000/01/rdf-schema#
skos http://www.w3.org/2004/02/skos/core#
spl http://www.specialprivacy.eu/langs/usage-policy#
svd http://www.specialprivacy.eu/vocabs/data#
svdu http://www.specialprivacy.eu/vocabs/duration#
svl http://www.specialprivacy.eu/vocabs/locations#
svpu http://www.specialprivacy.eu/vocabs/purposes#
svpr http://www.specialprivacy.eu/vocabs/processing#
svr http://www.specialprivacy.eu/vocabs/recipients
xsd http://www.w3.org/2001/XMLSchema#

The DPV, as it is provided, does not recommend any specific way to use its concepts. Adopters are free to utilise their preferred models (e.g. RDFS-style, OWL2-style, or simply as a list of terms), though we strongly recommend being aware of the implications of using a specific model regarding interpretation, reasoning, and interoperability. There is ongoing work to document 'flavours' for using DPV as a RDFS, OWL2, or SKOS vocabulary.

Base Vocabulary

Concepts in the Base vocabulary are available as an individual module here.

DPV base vocabulary
Base Vocabulary

The 'Base' or 'Core' vocabulary describes the top-level classes required for defining a 'policy' for personal data handling. Classes and properties for each top-level class are further elaborated using sub-vocabularies, for example a taxonomy of personal data categories. While all concepts within the vocabulary share a single namespace, the modular approach makes it possible to use only the specific taxonomies or sub-vocabularies, for example to refer only to purposes. The DPV provides the following as top-level concepts and generic properties to associate them with other concepts:

Class Property Description
[=PersonalDataCategory=] [=hasPersonalDataCategory=] Personal data categories
[=Purpose=] [=hasPurpose=] Purpose of Processing
[=Processing=] [=hasProcessing=] Category or type of processing of personal data
[=DataController=] [=hasDataController=] Data Controller responsible for processing
[=DataSubject=] [=hasDataSubject=] Data Subject or Individual whose data is being processing
[=Recipient=] [=hasRecipient=] Recipient of personal data
[=TechnicalOrganisationalMeasure=] [=hasTechnicalOrganisationalMeasure=] Technical and/or Organisational measures associated with processing
[=LegalBasis=] [=hasLegalBasis=] Legal bases or justifications for processing
[=Right=] and [=DataSubjectRight=] [=hasRight=] Rights applicable or provided
[=Risk=] [=hasRisk=] Risks applicable or probable regarding processing

Along with these, the DPV defines the concept of [=PersonalDataHandling=] for representing a 'policy' associating the top-level concepts with one another. For example, using [=PersonalDataHandling=] it is possible to indicate the application of a specific purpose and processing to categories of personal data relating to data subjects (or individual), along with the data controller responsible, the recipients of data, legal basis used, the technical and organisational measures involved, rights provided, and the possibility of risks.

The DPV does not mandate the use of [=PersonalDataHandling=]. Adopters can define their own interpretation of what concepts personal data handling involves, or define a separate concept similar to [=PersonalDataHandling=]. For example, one may specify that a [=PersonalDataHandling=] is only associated with [=Purpose=], [=Processing=], [=PersonalDataCategory=], and [=Recipient=] where the legal basis and technical and organisational measures are either assumed or defined externally. In continuation of this, the DPV also does not provide any constraints on the inclusion or exclusion of concepts used to define an instance of [=PersonalDataHandling=]. Possibilities for specifying such constraints include use of OWL2 semantics and SHACL to specify mandatory concepts. For example, requiring every instance of [=PersonalDataHandling=] must have at least one Personal Data Category, Controller, Purpose, and Legal Basis.

Classes

Data Controller | Data Subject | Data Subject Right | Legal Basis | Personal Data Category | Personal Data Handling | Processing | Purpose | Recipient | Right | Risk | Technical and Organisational Measure |

Data Controller

Term: DataController
Description: The individual or organisation that decides (or controls) the purpose(s) of processing personal data.
Subclass Of: dpv:LegalEntity
Comment: The terms 'Controller' is usually the more common form of indicating a Data Controller. In ISO/IEC the term 'PII Controller' is used.
Source: GDPR Art.4-7g
Created:
Modified:
Contributor(s): Axel Polleres, Javier Fernández

Data Subject

Term: DataSubject
Description: The individual (or category of individuals) whose personal data is being processed
Subclass Of: dpv:LegalEntity
Superclass Of: dpv:Child, dpv:VulnerableDataSubject
Comment: The term 'data subject' is specific to the GDPR, but is functionally equivalent to the term 'individual' and the ISO/IEC term 'PII Principle'.
Source: GDPR Art.4-1g
Created:
Modified:
Contributor(s): Axel Polleres, Javier Fernández

Data Subject Right

Term: DataSubjectRight
Description: The rights applicable or provided to a Data Subject
Subclass Of: dpv:Right
Comment: Based on use of definitions, the notion of 'Data Subject Right' can be equivalent to 'Individual Right' or 'Right of a Person'
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan Pandit

Legal Basis

Term: LegalBasis
Description: The Legal basis used to justify processing of personal data
Superclass Of: dpv:Consent, dpv:Contract, dpv:DataTransferLegalBasis, dpv:LegalObligation, dpv:LegitimateInterest, dpv:OfficialAuthorityOfController, dpv:PublicInterest, dpv:VitalInterest
Comment: Legal basis (plural: legal bases) are defined by legislations and regulations, whose applicability is usually restricted to specific jurisdictions.
Created:
Modified:

Personal Data Category

Term: PersonalDataCategory
Description: A category of personal data
Superclass Of: dpv:DerivedPersonalData, dpv:External, dpv:Financial, dpv:Historical, dpv:Internal, dpv:Social, dpv:SpecialCategoryPersonalData, dpv:Tracking
Comment: For a formal legal definition of personal data, see GDPR Art.4-1. An informal definition consists of any data directly or indirectly associated or related to an individual. This definition is equivalent to ISO/IEC definition of Personally Identifiable Information (PII).
Source: GDPR Art.4-1g, SPECIAL Project
Created:
Modified:
Contributor(s): Axel Polleres, Harshvardhan Pandit
See Also: spl:AnyData

Personal Data Handling

Term: PersonalDataHandling
Description: A high-level Class to describe 'data handling'. This can consist of personal data being processed for a purpose, involving entities, using technical and organisational measures, applicable risks, rights, and legal basis.
Created:
Modified:
Contributor(s): Axel Polleres, Javier Fernández

Processing

Term: Processing
Description: The processing performed on personal data
Superclass Of: dpv:Copy, dpv:Disclose, dpv:Obtain, dpv:Organise, dpv:Remove, dpv:Store, dpv:Transfer, dpv:Transform, dpv:Use
Source: SPECIAL Project
Created:
Modified:
Contributor(s): Axel Polleres, Javier Fernández
See Also: spl:AnyProcessing

Purpose

Term: Purpose
Description: The purpose of processing personal data
Superclass Of: dpv:AccountManagement, dpv:CommunicationManagement, dpv:CustomerManagement, dpv:EnforceSecurity, dpv:HumanResourceManagement, dpv:LegalCompliance, dpv:Marketing, dpv:OrganisationGovernance, dpv:Personalisation, dpv:RecordManagement, dpv:ResearchAndDevelopment, dpv:ServiceProvision, dpv:VendorManagement
Source: SPECIAL Project
Created:
Modified:
Contributor(s): Axel Polleres, Javier Fernández
See Also: spl:AnyPurpose

Recipient

Term: Recipient
Description: Entities that receive personal data
Subclass Of: dpv:LegalEntity
Superclass Of: dpv:DataImporter, dpv:DataProcessor, dpv:ThirdParty
Comment: A recipient of personal data can be used to indicate any entity that receives personal data. This can be a Third Party, Processor (GDPR), or even a Controller.
Source: GDPR Art.4-9g, SPECIAL Project
Created:
Modified:
Contributor(s): Axel Polleres, Javier Fernández
See Also: spl:AnyRecipient
Term: Right
Description: The right(s) applicable, provided, or expected.
Superclass Of: dpv:DataSubjectRight
Comment: A 'right' is a legal, social, or ethical principle of freedom or entitlement which dictate the norms regarding what is allowed or owed.. Rights as a concept encompass a broad area of norms and entities, and are not specific to Individuals or Data Protection / Privacy. For individual specific rights, see dpv:DataSubjectRight
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J Pandit

Risk

Term: Risk
Description: A risk or possibility or uncertainty of negative effects, impacts, or consequences.
Comment: Risks can be associated with one or more different concepts such as purpose, processing, personal data, technical or organisational measure.
Created:
Contributor(s): Harshvardhan J. Pandit

Technical and Organisational Measure

Term: TechnicalOrganisationalMeasure
Description: The Technical and Organisational measures used.
Superclass Of: dpv:OrganisationalMeasure, dpv:RiskMitigationMeasure, dpv:TechnicalMeasure
Created:
Modified:
Contributor(s): Bud Bruegger

Properties

has data controller | has data subject | has legal basis | has personal data category | has processing | has purpose | has recipient | has right | has risk | has technical and organisational measure |

has data controller

Term: hasDataController
Description: Indicates association with a Data Controller.
Status: accepted
Created:
Contributor(s): Axel Polleres, Bud Bruegger, Harshvardhan J. Pandit, Javier Fernández, Mark Lizar

has data subject

Term: hasDataSubject
Description: Indicates association with a specific Data Subject or a group or category of Data Subjects.
Status: accepted
Created:
Contributor(s): Axel Polleres, Bud Bruegger, Harshvardhan J. Pandit, Javier Fernández, Mark Lizar

has legal basis

Term: hasLegalBasis
Description: Indicates applicability of a Legal Basis.
Status: accepted
Created:
Contributor(s): Axel Polleres, Javier Fernández

has personal data category

Term: hasPersonalDataCategory
Description: Indicates association with a Personal Data Category.
Status: accepted
Source: SPECIAL Project
Created:
Contributor(s): Axel Polleres, Bud Bruegger, Harshvardhan J. Pandit, Javier Fernández, Mark Lizar

has processing

Term: hasProcessing
Description: Indicates association with a Processing (of personal data) instance or category.
Status: accepted
Source: SPECIAL Project
Created:
Contributor(s): Axel Polleres, Bud Bruegger, Harshvardhan J. Pandit, Javier Fernández, Mark Lizar

has purpose

Term: hasPurpose
Description: Indicates association with a Purpose (of processing personal data).
Status: accepted
Source: SPECIAL Project
Created:
Contributor(s): Axel Polleres, Bud Bruegger, Harshvardhan J. Pandit, Javier Fernández, Mark Lizar

has recipient

Term: hasRecipient
Description: Indicates a recipient of personal data.
Status: accepted
Source: SPECIAL Project
Created:
Contributor(s): Axel Polleres, Bud Bruegger, Harshvardhan J. Pandit, Javier Fernández, Mark Lizar

has right

Term: hasRight
Description: Indicates applicability of a Right.
Status: accepted
Created:
Contributor(s): Harshvardhan J. Pandit

has risk

Term: hasRisk
Description: Indicates applicability of a Risk.
Status: accepted
Created:
Contributor(s): Harshvardhan J. Pandit

has technical and organisational measure

Term: hasTechnicalOrganisationalMeasure
Description: Indicates use of a Technical or Organisational measure.
Status: accepted
Created:
Contributor(s): Axel Polleres, Bud Bruegger, Harshvardhan J. Pandit, Javier Fernández, Mark Lizar

Personal Data Categories

Concepts related to Personal Data Categories are available as an individual module here.

DPV provides broad top-level personal data categories adapted from the taxonomy contributed by R. Jason Cronk [[EnterPrivacy]]. The top-level concepts in this taxonomy refer to the nature of information (financial, social, tracking) and to its inherent source (internal, external). Each top-level concept is represented in the DPV vocabulary as a Class, and is further elaborated by subclasses for referring to specific categories of information - such as preferences or demographics.

Concepts for Personal Data Categories in DPV
Concepts for Personal Data Categories in DPV

While this taxonomy is by no means exhaustive, the aim is to provide a sufficient coverage of abstract categories of personal data which can be extended using the subclass mechanism to represent concepts used in the real-world.

Regulations such as the GDPR define personal data at an abstract level as information (directly or indirectly) associated with an individual or a category of individuals. DPV defines classes representing categories that are inclusive of information associated with them (e.g. name consisting of first name, last name), with their instances representing specific elements of personal data (e.g. “John Doe” as name).

The categories defined in the personal data categories taxonomy can be used directly or further extended by subclassing the respective classes to depict specialised concepts, such as “likes regarding movies” or combined with classes to indicate specific contexts. The class [=DerivedPersonalData=] provides one such context to indicate information has been derived from existing information, e.g. inference of opinions from social media. Additional classes can be defined to specify contexts such as use of machine learning, accuracy, and source. Similarly, the class [=SpecialCategoryPersonalData=] represents categories that are ‘special’ or ‘sensitive’ and require additional conditions, e.g. as per GDPR’s Article 9.

The following is an overview of the concepts provided for personal data within the DPV:

Concept Description
[=PersonalDataCategory=] Category of Personal Data
[=SpecialCategoryPersonalData=] Indicates that personal data is sensitive or belongs to a special category
[=DerivedPersonalData=] Indicates that personal data is derived or inferred

Classes

Accent | Account Identifier | Acquantaince | Age | Apartment Owned | Association | Attitude | Authenticating | Authentication History | Bank Account | Behavioral | Biometric | Blood Type | Browser Fingerprint | Browsing Behavior | Browsing Referral | Call Log | Car Owned | Character | Communication | Communications Metadata | Connection | Contact | Country | Credit | Credit Capacity | Credit Card Number | Credit Record | Credit Score | Credit Standing | Credit Worthiness | Criminal | Criminal Charge | Criminal Conviction | Criminal Pardon | Demeanor | Demographic | Derived Personal Data | Device Applications | Device Based | Device Operating System | Device Software | Dialect | Disability | Disciplinary Action | Dislike | Divorce | DNA Code | Drug Test Result | Email Address | Email Content | Employment History | Ethnicity | Ethnic Origin | External | Family | Family Health History | Family Structure | Favorite | Favorite Color | Favorite Food | Favorite Music | Fetish | Financial | Financial Account | Financial Account Number | Fingerprint | Friend | Gender | General Reputation | Geographic | GPS Coordinate | Group Membership | Hair Color | Health | Health History | Health Record | Height | Historical | House Owned | Identifying | Income | Income Bracket | Individual Health History | Intention | Interaction | Interest | Internal | IP Address | Job | Knowledge and Beliefs | Language | Life History | Like | LinkClicked | Loan Record | Location | MAC Address | Marital Status | Marriage | MedicalHealth | Mental Health | Name | Official ID | Offspring | Opinion | Ownership | Parent | Password | Payment Card | Payment Card Expiry | Payment Card Number | Personality | Personal Possession | Philosophical Belief | Physical Address | PhysicalCharacteristic | Physical Health | Physical Trait | Picture | Piercing | PIN Code | Political Affiliation | Preference | Prescription | Privacy Preference | Proclivitie | Professional | Professional Certification | Professional Evaluation | Professional Interview | Public Life | Purchase | Purchases and Spending Habit | Race | Reference | Relationship | Religion | Religious Belief | Retina | Room Number | Salary | Sale | School | Secret Text | Service Consumption Behavior | Sexual | Sexual History | Sexual Preference | Sibling | Skin Tone | Social | Social Media Communication | Social Network | Social Status | Special Category Personal Data | Tattoo | Tax | Telephone Number | Thought | Tracking | Transaction | Transactional | TV Viewing Behavior | UID | Username | Voice Communication Recording | Voice Mail | Weight | Work History |

Accent

Term: Accent
Description: Information about linguistic and speech accents.
Subclass Of: dpv:Language
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Account Identifier

Term: AccountIdentifier
Description: Information about financial account identifier.
Subclass Of: dpv:FinancialAccount
Superclass Of: dpv:FinancialAccountNumber, dpv:PaymentCardNumber
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Acquantaince

Term: Acquantaince
Description: Information about acquaintainces in a social network.
Subclass Of: dpv:SocialNetwork
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Age

Term: Age
Description: Information about age
Subclass Of: dpv:PhysicalCharacteristic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Apartment Owned

Term: ApartmentOwned
Description: Information about apartment(s) owned and its history
Subclass Of: dpv:HouseOwned
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Association

Term: Association
Description: Information about associations in a social network with other individuals, groups, or entities e.g. friend of a friend
Subclass Of: dpv:SocialNetwork
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Attitude

Term: Attitude
Description: Information about attitude.
Subclass Of: dpv:Behavioral
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Authenticating

Term: Authenticating
Description: Information about authentication and information used for authenticating
Subclass Of: dpv:Internal
Superclass Of: dpv:PINCode, dpv:Password, dpv:SecretText
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Authentication History

Term: AuthenticationHistory
Description: Information about prior authentication and its outcomes such as login attempts or location.
Subclass Of: dpv:Behavioral
Source: DPVCG
Created:
Contributor(s): Georg P Krog

Bank Account

Term: BankAccount
Description: Information about bank accounts.
Subclass Of: dpv:FinancialAccount
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Behavioral

Term: Behavioral
Description: Information about behavior or activity
Subclass Of: dpv:External
Superclass Of: dpv:Attitude, dpv:AuthenticationHistory, dpv:BrowsingBehavior, dpv:CallLog, dpv:Demeanor, dpv:LinkClicked, dpv:Personality, dpv:ServiceConsumptionBehavior
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Activity

Biometric

Term: Biometric
Description: Information about biometrics and biometric characteristics.
Subclass Of: dpv:Identifying, dpv:SpecialCategoryPersonalData
Superclass Of: dpv:Fingerprint, dpv:Retina
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Blood Type

Term: BloodType
Description: Information about blood type.
Subclass Of: dpv:MedicalHealth
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Browser Fingerprint

Term: BrowserFingerprint
Description: Information about the web browser which is used as a 'fingerprint'
Subclass Of: dpv:DeviceBased
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Browsing Behavior

Term: BrowsingBehavior
Description: Information about browsing behavior.
Subclass Of: dpv:Behavioral
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:OnlineActivity

Browsing Referral

Term: BrowsingReferral
Description: Information about web browsing referrer or referral, which can be based on location, targeted referrals, direct, organic search, social media or actions, campaigns.
Subclass Of: dpv:BrowsingBehaviour
Source: DPVCG
Created:
Contributor(s): Georg P Krog

Call Log

Term: CallLog
Description: Information about the calls that an individual has made.
Subclass Of: dpv:Behavioral
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Car Owned

Term: CarOwned
Description: Information about cars ownership and ownership history.
Subclass Of: dpv:Ownership
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Character

Term: Character
Description: Information about character in the public sphere
Subclass Of: dpv:PublicLife
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Communication

Term: Communication
Description: Information communicated from or to an individual
Subclass Of: dpv:Social
Superclass Of: dpv:EmailContent, dpv:SocialMediaCommunication, dpv:VoiceCommunicationRecording, dpv:VoiceMail
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Communications Metadata

Term: CommunicationsMetadata
Description: Information about communication metadata in the public sphere
Subclass Of: dpv:PublicLife
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Interactive

Connection

Term: Connection
Description: Information about and including connections in a social network
Subclass Of: dpv:SocialNetwork
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Contact

Term: Contact
Description: Information about contacts or used for contacting e.g. email address or phone number
Subclass Of: dpv:Tracking
Superclass Of: dpv:EmailAddress, dpv:PhysicalAddress, dpv:TelephoneNumber
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Physical

Country

Term: Country
Description: Information about country e.g. residence, travel.
Subclass Of: dpv:Location
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Credit

Term: Credit
Description: Information about reputation with regards to money
Subclass Of: dpv:Transactional
Superclass Of: dpv:CreditCapacity, dpv:CreditRecord, dpv:CreditStanding, dpv:CreditWorthiness
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Credit Capacity

Term: CreditCapacity
Description: Information about credit capacity.
Subclass Of: dpv:Credit
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Credit Card Number

Term: CreditCardNumber
Description: Information about credit card number
Subclass Of: dpv:PaymentCardNumber
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Credit Record

Term: CreditRecord
Description: Information about credit record.
Subclass Of: dpv:Credit
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Credit Score

Term: CreditScore
Description: Information about credit score.
Subclass Of: dpv:CreditWorthiness
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Credit Standing

Term: CreditStanding
Description: Information about credit standing.
Subclass Of: dpv:Credit
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Credit Worthiness

Term: CreditWorthiness
Description: Information about credit worthiness.
Subclass Of: dpv:Credit
Superclass Of: dpv:CreditScore
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Criminal

Term: Criminal
Description: Information about criminal activity e.g. criminal convictions or jail time
Subclass Of: dpv:Social
Superclass Of: dpv:CriminalCharge, dpv:CriminalConviction, dpv:CriminalPardon
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Judicial

Criminal Charge

Term: CriminalCharge
Description: Information about criminal charges.
Subclass Of: dpv:Criminal
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Criminal Conviction

Term: CriminalConviction
Description: Information about criminal convictions.
Subclass Of: dpv:Criminal
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Criminal Pardon

Term: CriminalPardon
Description: Information about criminal pardons.
Subclass Of: dpv:Criminal
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Demeanor

Term: Demeanor
Description: Information about demeanor.
Subclass Of: dpv:Behavioral
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Demographic

Term: Demographic
Description: Information about demography and demographic characteristics
Subclass Of: dpv:External
Superclass Of: dpv:Geographic, dpv:IncomeBracket, dpv:PhysicalTrait
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Derived Personal Data

Term: DerivedPersonalData
Description: Derived data is data that is obtained or derived from other data.
Subclass Of: dpv:PersonalDataCategory
Source: DPVCG
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Derived

Device Applications

Term: DeviceApplications
Description: Information about applications or application-like software on a device.
Subclass Of: dpv:DeviceSoftware
Source: DPVCG
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Device Based

Term: DeviceBased
Description: Information about devices
Subclass Of: dpv:Tracking
Superclass Of: dpv:BrowserFingerprint, dpv:DeviceSoftware, dpv:IPAddress, dpv:MACAddress
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Computer

Device Operating System

Term: DeviceOperatingSystem
Description: Information about the operating system (OS) or system software that manages hardware or software resources.
Subclass Of: dpv:DeviceSoftware
Source: DPVCG
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Device Software

Term: DeviceSoftware
Description: Information about software on or related to a device.
Subclass Of: dpv:DeviceBased
Superclass Of: dpv:DeviceApplications, dpv:DeviceOperatingSystem
Source: DPVCG
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Dialect

Term: Dialect
Description: Information about linguistic dialects.
Subclass Of: dpv:Language
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Disability

Term: Disability
Description: Information about disabilities.
Subclass Of: dpv:MedicalHealth
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Disciplinary Action

Term: DisciplinaryAction
Description: Information about disciplinary actions and its history
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Dislike

Term: Dislike
Description: Information about dislikes or preferences regarding repulsions.
Subclass Of: dpv:Interest
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Divorce

Term: Divorce
Description: Information about divorce(s).
Subclass Of: dpv:FamilyStructure
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

DNA Code

Term: DNACode
Description: Information about DNA.
Subclass Of: dpv:MedicalHealth
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Drug Test Result

Term: DrugTestResult
Description: Information about drug test results.
Subclass Of: dpv:MedicalHealth
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Email Address

Term: EmailAddress
Description: Information about Email address.
Subclass Of: dpv:Contact
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Email Content

Term: EmailContent
Description: Information about the contents of Emails sent or received
Subclass Of: dpv:Communication
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Employment History

Term: EmploymentHistory
Description: Information about employment history
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Ethnicity

Term: Ethnicity
Description: Information about ethnic origins and lineage
Subclass Of: dpv:External
Superclass Of: dpv:EthnicOrigin, dpv:Language, dpv:Race
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Ethnic Origin

Term: EthnicOrigin
Description: Information about ethnic origin
Subclass Of: dpv:Ethnicity, dpv:SpecialCategoryPersonalData
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

External

Term: External
Description: Information about external characteristics that can be observed
Subclass Of: dpv:PersonalDataCategory
Superclass Of: dpv:Behavioral, dpv:Demographic, dpv:Ethnicity, dpv:Identifying, dpv:MedicalHealth, dpv:PhysicalCharacteristic, dpv:Sexual
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Family

Term: Family
Description: Information about family and relationships
Subclass Of: dpv:Social
Superclass Of: dpv:FamilyStructure, dpv:Relationship
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Family Health History

Term: FamilyHealthHistory
Description: Information about family health history.
Subclass Of: dpv:HealthHistory
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Family Structure

Term: FamilyStructure
Description: Information about family and familial structure.
Subclass Of: dpv:Family
Superclass Of: dpv:Divorce, dpv:Marriage, dpv:Offspring, dpv:Parent, dpv:Sibling
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Favorite

Term: Favorite
Description: Information about favorites
Subclass Of: dpv:Preference
Superclass Of: dpv:FavoriteColor, dpv:FavoriteFood, dpv:FavoriteMusic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Favorite Color

Term: FavoriteColor
Description: Information about favorite color.
Subclass Of: dpv:Favorite
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Favorite Food

Term: FavoriteFood
Description: Information about favorite food.
Subclass Of: dpv:Favorite
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Favorite Music

Term: FavoriteMusic
Description: Information about favorite music.
Subclass Of: dpv:Favorite
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Fetish

Term: Fetish
Description: Information an individual's sexual fetishes
Subclass Of: dpv:Sexual
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Financial

Term: Financial
Description: Information about finance including monetary characteristics and transactions
Subclass Of: dpv:PersonalDataCategory
Superclass Of: dpv:FinancialAccount, dpv:Ownership, dpv:Transactional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Financial

Financial Account

Term: FinancialAccount
Description: Information about financial accounts.
Subclass Of: dpv:Financial
Superclass Of: dpv:AccountIdentifier, dpv:BankAccount, dpv:PaymentCard
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Financial Account Number

Term: FinancialAccountNumber
Description: Information about financial account number
Subclass Of: dpv:AccountIdentifier
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Fingerprint

Term: Fingerprint
Description: Information about fingerprint used for biometric purposes.
Subclass Of: dpv:Biometric
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Friend

Term: Friend
Description: Information about friends in a social network, including aspects of friendships such as years together or nature of friendship.
Subclass Of: dpv:SocialNetwork
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Gender

Term: Gender
Description: Information about gender
Subclass Of: dpv:PhysicalCharacteristic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

General Reputation

Term: GeneralReputation
Description: Information about reputation in the public sphere
Subclass Of: dpv:PublicLife
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Geographic

Term: Geographic
Description: Information about location or based on geography (e.g. home address)
Subclass Of: dpv:Demographic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

GPS Coordinate

Term: GPSCoordinate
Description: Information about location expressed using Global Position System coordinates (GPS)
Subclass Of: dpv:Location
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Group Membership

Term: GroupMembership
Description: Information about groups and memberships included or associated with a social network
Subclass Of: dpv:SocialNetwork
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Hair Color

Term: HairColor
Description: Information about hair color
Subclass Of: dpv:PhysicalCharacteristic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Health

Term: Health
Description: Information about health.
Subclass Of: dpv:MedicalHealth
Superclass Of: dpv:MentalHealth, dpv:PhysicalHealth
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Health

Health History

Term: HealthHistory
Description: Information about health history.
Subclass Of: dpv:MedicalHealth
Superclass Of: dpv:FamilyHealthHistory, dpv:IndividualHealthHistory
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Health Record

Term: HealthRecord
Description: Information about health record.
Subclass Of: dpv:MedicalHealth
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Height

Term: Height
Description: Information about physical height
Subclass Of: dpv:PhysicalCharacteristic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Historical

Term: Historical
Description: Information about historical data related to or relevant regarding history or past events
Subclass Of: dpv:PersonalDataCategory
Superclass Of: dpv:LifeHistory
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

House Owned

Term: HouseOwned
Description: Information about house(s) owned and ownership history.
Subclass Of: dpv:Ownership
Superclass Of: dpv:ApartmentOwned
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Identifying

Term: Identifying
Description: Information that uniquely or semi-uniquely identifies an individual or a group
Subclass Of: dpv:External
Superclass Of: dpv:Biometric, dpv:Name, dpv:OfficialID, dpv:Picture, dpv:UID, dpv:Username
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Income

Term: Income
Description: Information about financial income e.g. for individual or household or family
Subclass Of: dpv:Transactional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Income Bracket

Term: IncomeBracket
Description: Information about income bracket.
Subclass Of: dpv:Demographic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Individual Health History

Term: IndividualHealthHistory
Description: Information about information health history.
Subclass Of: dpv:HealthHistory
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Intention

Term: Intention
Description: Information about intentions
Subclass Of: dpv:Preference
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Interaction

Term: Interaction
Description: Information about interactions in the public sphere
Subclass Of: dpv:PublicLife
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Interest

Term: Interest
Description: Information about interests
Subclass Of: dpv:Preference
Superclass Of: dpv:Dislike, dpv:Like
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Internal

Term: Internal
Description: Informatoin about internal characteristics that cannot be seen or observed
Subclass Of: dpv:PersonalDataCategory
Superclass Of: dpv:Authenticating, dpv:KnowledgeBelief, dpv:Preference
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

IP Address

Term: IPAddress
Description: Information about the Internet protocol (IP) address of a device
Subclass Of: dpv:DeviceBased
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Job

Term: Job
Description: Information about professional jobs
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Knowledge and Beliefs

Term: KnowledgeBelief
Description: Information about knowledge and beliefs
Subclass Of: dpv:Internal
Superclass Of: dpv:PhilosophicalBelief, dpv:ReligiousBelief, dpv:Thought
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Language

Term: Language
Description: Information about language and lingual history.
Subclass Of: dpv:Ethnicity
Superclass Of: dpv:Accent, dpv:Dialect
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Life History

Term: LifeHistory
Description: Information about personal history regarding events or activities - including their occurrences that might be directly related or have had an influence (e.g. World War, 9/11)
Subclass Of: dpv:Historical
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Like

Term: Like
Description: Information about likes or preferences regarding attractions.
Subclass Of: dpv:Interest
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

LinkClicked

Term: LinkClicked
Description: Information about the links that an individual has clicked.
Subclass Of: dpv:Behavioral
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Navigation

Loan Record

Term: LoanRecord
Description: Information about loans, whether applied, provided or rejected, and its history
Subclass Of: dpv:Transactional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Location

Term: Location
Description: Information about location
Subclass Of: dpv:Tracking
Superclass Of: dpv:Country, dpv:GPSCoordinate, dpv:RoomNumber
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Location

MAC Address

Term: MACAddress
Description: Information about the Media Access Control (MAC) address of a device
Subclass Of: dpv:DeviceBased
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Marital Status

Term: MaritalStatus
Description: Information about marital status and history
Subclass Of: dpv:PublicLife
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Marriage

Term: Marriage
Description: Information about marriage(s).
Subclass Of: dpv:FamilyStructure
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

MedicalHealth

Term: MedicalHealth
Description: Information about health, medical conditions or health care
Subclass Of: dpv:External, dpv:SpecialCategoryPersonalData
Superclass Of: dpv:BloodType, dpv:DNACode, dpv:Disability, dpv:DrugTestResult, dpv:Health, dpv:HealthHistory, dpv:HealthRecord, dpv:Prescription
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Mental Health

Term: MentalHealth
Description: Information about mental health.
Subclass Of: dpv:Health
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Name

Term: Name
Description: Information about names associated or used as given name or nickname.
Subclass Of: dpv:Identifying
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Official ID

Term: OfficialID
Description: Information about an official identifier or identification document
Subclass Of: dpv:Identifying
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Government

Offspring

Term: Offspring
Description: Information about offspring(s).
Subclass Of: dpv:FamilyStructure
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Opinion

Term: Opinion
Description: Information about opinions
Subclass Of: dpv:Preference
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Ownership

Term: Ownership
Description: Information about ownership and history, including renting, borrowing, possessions.
Subclass Of: dpv:Financial
Superclass Of: dpv:CarOwned, dpv:HouseOwned, dpv:PersonalPossession
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Parent

Term: Parent
Description: Information about parent(s).
Subclass Of: dpv:FamilyStructure
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Password

Term: Password
Description: Information about password used in the process of authenticating the individual as an user accessing a system.
Subclass Of: dpv:Authenticating
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Payment Card

Term: PaymentCard
Description: Information about payment card such as Credit Card, Debit Card.
Subclass Of: dpv:FinancialAccount
Superclass Of: dpv:PaymentCardExpiry, dpv:PaymentCardNumber
Source: DPVCG
Created:
Contributor(s): Harshvardhan J. Pandit

Payment Card Expiry

Term: PaymentCardExpiry
Description: Information about payment card expiry such as a date.
Subclass Of: dpv:PaymentCard
Source: DPVCG
Created:
Contributor(s): Georg P Krog

Payment Card Number

Term: PaymentCardNumber
Description: Information about payment card number.
Subclass Of: dpv:AccountIdentifier, dpv:PaymentCard
Superclass Of: dpv:CreditCardNumber
Source: DPVCG
Created:
Contributor(s): Georg P Krog

Personality

Term: Personality
Description: Information about personality (e.g., categorization in terms of the Big Five personality traits)
Subclass Of: dpv:Behavioral
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Personal Possession

Term: PersonalPossession
Description: Information about personal possessions.
Subclass Of: dpv:Ownership
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Philosophical Belief

Term: PhilosophicalBelief
Description: Information about philosophical beliefs.
Subclass Of: dpv:KnowledgeBelief, dpv:SpecialCategoryPersonalData
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Physical Address

Term: PhysicalAddress
Description: Information about physical address.
Subclass Of: dpv:Contact
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

PhysicalCharacteristic

Term: PhysicalCharacteristic
Description: Information about physical characteristics
Subclass Of: dpv:External
Superclass Of: dpv:Age, dpv:Gender, dpv:HairColor, dpv:Height, dpv:Piercing, dpv:SkinTone, dpv:Tattoo, dpv:Weight
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Demographic

Physical Health

Term: PhysicalHealth
Description: Information about physical health.
Subclass Of: dpv:Health
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Physical Trait

Term: PhysicalTrait
Description: Information about defining traits or features regarding the body.
Subclass Of: dpv:Demographic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Picture

Term: Picture
Description: Information about visual representation or image e.g. profile photo.
Subclass Of: dpv:Identifying
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Piercing

Term: Piercing
Description: Information about piercings
Subclass Of: dpv:PhysicalCharacteristic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

PIN Code

Term: PINCode
Description: Information about Personal identification number (PIN), which is usually used in the process of authenticating the individual as an user accessing a system.
Subclass Of: dpv:Authenticating
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Political Affiliation

Term: PoliticalAffiliation
Description: Information about political affiliation and history
Subclass Of: dpv:PublicLife, dpv:SpecialCategoryPersonalData
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Political

Preference

Term: Preference
Description: Information about preferences or interests
Subclass Of: dpv:Internal
Superclass Of: dpv:Favorite, dpv:Intention, dpv:Interest, dpv:Opinion, dpv:PrivacyPreference
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Preference

Prescription

Term: Prescription
Description: Information about medical and pharmaceutical prescriptions
Subclass Of: dpv:MedicalHealth
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Privacy Preference

Term: PrivacyPreference
Description: Information about privacy preferences
Subclass Of: dpv:Preference
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Proclivitie

Term: Proclivitie
Description: Information about proclivities in a sexual context
Subclass Of: dpv:Sexual
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Professional

Term: Professional
Description: Information about educational or professional career
Subclass Of: dpv:Social
Superclass Of: dpv:DisciplinaryAction, dpv:EmploymentHistory, dpv:Job, dpv:ProfessionalCertification, dpv:ProfessionalEvaluation, dpv:ProfessionalInterview, dpv:Reference, dpv:Salary, dpv:School, dpv:WorkHistory
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Professional Certification

Term: ProfessionalCertification
Description: Information about professional certifications
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Professional Evaluation

Term: ProfessionalEvaluation
Description: Information about professional evaluations
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Professional Interview

Term: ProfessionalInterview
Description: Information about professional interviews
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Public Life

Term: PublicLife
Description: Information about public life
Subclass Of: dpv:Social
Superclass Of: dpv:Character, dpv:CommunicationsMetadata, dpv:GeneralReputation, dpv:Interaction, dpv:MaritalStatus, dpv:PoliticalAffiliation, dpv:Religion, dpv:SocialStatus
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Purchase

Term: Purchase
Description: Information about purchases such as items bought e.g. grocery or clothing
Subclass Of: dpv:Transactional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Purchase

Purchases and Spending Habit

Term: PurchasesAndSpendingHabit
Description: Information about analysis of purchases made and money spent expressed as a habit e.g. monthly shopping trends
Subclass Of: dpv:Transactional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Race

Term: Race
Description: Information about race or racial history.
Subclass Of: dpv:Ethnicity, dpv:SpecialCategoryPersonalData
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Reference

Term: Reference
Description: Information about references in the professional context
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Relationship

Term: Relationship
Description: Information about relationships and relationship history.
Subclass Of: dpv:Family
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Religion

Term: Religion
Description: Information about religion, religious inclinations, and religious history.
Subclass Of: dpv:PublicLife, dpv:SpecialCategoryPersonalData
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Religious Belief

Term: ReligiousBelief
Description: Information about religion and religious beliefs.
Subclass Of: dpv:KnowledgeBelief, dpv:SpecialCategoryPersonalData
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Retina

Term: Retina
Description: Information about retina and the retinal patterns.
Subclass Of: dpv:Biometric
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Room Number

Term: RoomNumber
Description: Information about location expressed as Room number or similar numbering systems
Subclass Of: dpv:Location
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Salary

Term: Salary
Description: Information about salary
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Sale

Term: Sale
Description: Information about sales e.g. selling of goods or services
Subclass Of: dpv:Transactional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

School

Term: School
Description: Information about school such as name of school, conduct, or grades obtained.
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Secret Text

Term: SecretText
Description: Information about secret text used in the process of authenticating the individual as an user accessing a system, e.g., when recovering a lost password.
Subclass Of: dpv:Authenticating
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Service Consumption Behavior

Term: ServiceConsumptionBehavior
Description: Information about the consumption of a service, e.g. time and duration of consumption.
Subclass Of: dpv:Behavioral
Superclass Of: dpv:TVViewingBehavior
Source: SPECIAL Project
Created:
Contributor(s): Harshvardhan J. Pandit, Rudy Jacob

Sexual

Term: Sexual
Description: Information about sexuality and sexual history
Subclass Of: dpv:External, dpv:SpecialCategoryPersonalData
Superclass Of: dpv:Fetish, dpv:Proclivitie, dpv:SexualHistory, dpv:SexualPreference
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Sexual History

Term: SexualHistory
Description: Information about sexual history
Subclass Of: dpv:Sexual
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Sexual Preference

Term: SexualPreference
Description: Information about sexual preferences
Subclass Of: dpv:Sexual
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Sibling

Term: Sibling
Description: Information about sibling(s).
Subclass Of: dpv:FamilyStructure
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Skin Tone

Term: SkinTone
Description: Information about skin tone
Subclass Of: dpv:PhysicalCharacteristic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Social

Term: Social
Description: Information about social aspects such as family, public life, or professional networks.
Subclass Of: dpv:PersonalDataCategory
Superclass Of: dpv:Communication, dpv:Criminal, dpv:Family, dpv:Professional, dpv:PublicLife, dpv:SocialNetwork
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Social Media Communication

Term: SocialMediaCommunication
Description: Information about social media communication, including the communication itself and metadata.
Subclass Of: dpv:Communication
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:Social

Social Network

Term: SocialNetwork
Description: Information about friends or connections expressed as a social network
Subclass Of: dpv:Social
Superclass Of: dpv:Acquantaince, dpv:Association, dpv:Connection, dpv:Friend, dpv:GroupMembership
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Social Status

Term: SocialStatus
Description: Information about social status
Subclass Of: dpv:PublicLife
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Special Category Personal Data

Term: SpecialCategoryPersonalData
Description: Personal data belonging to one of 'special categories' that are more sensitive and require additional measures
Subclass Of: dpv:PersonalDataCategory
Superclass Of: dpv:Biometric, dpv:EthnicOrigin, dpv:MedicalHealth, dpv:PhilosophicalBelief, dpv:PoliticalAffiliation, dpv:Race, dpv:Religion, dpv:ReligiousBelief, dpv:Sexual
Comment: trade union membership, which is explicitly included in the taxative listing in GDPR Art. 9 (1), is not covered yet.
Source: GDPR Art.9-1
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Tattoo

Term: Tattoo
Description: Information about tattoos
Subclass Of: dpv:PhysicalCharacteristic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Tax

Term: Tax
Description: Information about financial tax e.g. tax records or tax due
Subclass Of: dpv:Transactional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Telephone Number

Term: TelephoneNumber
Description: Information about telephone number.
Subclass Of: dpv:Contact
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Thought

Term: Thought
Description: Information about thoughts
Subclass Of: dpv:KnowledgeBelief
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Tracking

Term: Tracking
Description: Information used to track an individual or group e.g. location or email
Subclass Of: dpv:PersonalDataCategory
Superclass Of: dpv:Contact, dpv:DeviceBased, dpv:Location
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Transaction

Term: Transaction
Description: Information about financial transactions e.g. bank transfers
Subclass Of: dpv:Transactional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Transactional

Term: Transactional
Description: Information about a purchasing, spending or income
Subclass Of: dpv:Financial
Superclass Of: dpv:Credit, dpv:Income, dpv:LoanRecord, dpv:Purchase, dpv:PurchasesAndSpendingHabit, dpv:Sale, dpv:Tax, dpv:Transaction
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

TV Viewing Behavior

Term: TVViewingBehavior
Description: Information about TV viewing behavior, such as timestamps of channel change, duration of viewership, content consumed
Subclass Of: dpv:ServiceConsumptionBehavior
Source: SPECIAL Project
Created:
Contributor(s): Harshvardhan J. Pandit, Rudy Jacob

UID

Term: UID
Description: Information about unique identifiers.
Subclass Of: dpv:Identifying
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See Also: svd:UniqueId

Username

Term: Username
Description: Information about usernames.
Subclass Of: dpv:Identifying
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Voice Communication Recording

Term: VoiceCommunicationRecording
Description: Information about vocal recorded communication (e.g. telephony, VoIP)
Subclass Of: dpv:Communication
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Voice Mail

Term: VoiceMail
Description: Information about voice mail messages.
Subclass Of: dpv:Communication
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Weight

Term: Weight
Description: Information about physical weight
Subclass Of: dpv:PhysicalCharacteristic
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Work History

Term: WorkHistory
Description: Information about work history in a professional context
Subclass Of: dpv:Professional
Source: EnterPrivacy Categories of Personal Information
Created:
Contributor(s): Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra

Purposes

Concepts related to Purposes are available as an individual module here.

DPV at the moment defines a hierarchically organized taxonomy of generic categories of purposes (for processing of personal data). Regulations, such as GDPR, require the purpose to be declared in a specific and understandable manner. We therefore suggest to declare the purpose being used as an instance of one or several dpv:Purpose categories and to always declare the specific purpose with a human readable description (e.g. by using rdfs:label and rdfs:comment).

DPV provides a way to indicate purposes are restricted or fall within a specific business sector using the class [=Sector=] and the property [=hasSector=]. Hierarchies for defining business sectors include NACE maintained by EU [[NACE]], NAICS maintained by USA [[NAICS]], ISIC maintained by UN [[ISIC]], and GICS maintained by commercial organisations MSCI and S&P [[GICS]]. Multiple classifications can be used through mappings between sector codes such as the NACE to NAICS alignment provided by EU [[NACE-NAICS]].

We provide an interpretation of the NACE revision 2 codes which uses rdfs:subClassOf to specify the hierarchy, available here. The NACE codes have the namespace dpv-nace and are represented as dpv-nace:NACE-CODE.

Purposes can be further restricted to specific contexts using the [=Context=] and the property [=hasContext=]. In this case, 'context' refers to a generic context which can be expanded as applicable within an use-case or domain.

DPV purpose vocabulary
Concepts for Purposes in DPV

For using purposes, we suggest selecting the most appropriate or applicable purpose over more abstract ones by selecting or extending the relevant classes in the purpose taxonomy. For example, the purpose [=ServiceOptimization=] is further sub-classed to indicate optimisation for consumer as [=OptimisationForConsumer=] and for controller as [=OptimisationForController=].

Depending on specific jurisdictions, certain purposes within the DPV may not satisfy the requirements to be specific, umabigious, or clear. For example, in the above example, [=OptimisationForController=] may still be considered to be too broad, and thus should be further clarified either through use of one of its sub-classes or by creating dedicated instances for a given use-case.

Also depending on jurisdictions, there may be correlations between purposes and legal bases that indicate which specific legal bases may or may not be used for what purpose categories.

We welcome ways to indicate guidelines for use of purposes, relations with legal basis, and assisting adopters with choices to utilise in their use-cases.

The following is an overview of the concepts within the purpose taxonomy:

Class Property Description
[=Purpose=] [=hasPurpose=] Indicate purpose
[=Sector=] [=hasSector=] Indicate sector of organisation or restrict purpose to sector
[=Context=] [=hasContext=] Indicate context or restrict purpose to context

Classes

Academic Research | Account Management | Advertising | Commercial Research | Communication for Customer Care | Communication Management | Context | Create Event Recommendations | Create Personalized Recommendations | Create Product Recommendations | Customer Care | Customer Claims Management | Customer Management | Customer Order Management | Customer Relationship Management | Customer Solvency Monitoring | Delivery of Goods | Direct Marketing | Dispute Management | Enforce Access Control | Enforce Security | Fraud Prevention and Detection | Human Resources Management | Identity Verification | Improve Existing Products and Services | Improve Internal CRM Processes | Increase Service Robustness | Internal Resource Optimisation | Legal Compliance | Marketing | Members and Partners Management | Non-Commercial Research | Optimisation for Consumer | Optimisation for Controller | Optimise User Interface | Organisation Compliance Management | Organisation Governance | Organisation Risk Management | Payment | Personalisation | Personalised Advertising | Personalised Benefits | Public Relations | Record Management | Registration and Authentication | Requested Service Provision | Research and Development | Sector | Sell Data to Third Parties | Sell Insights from Data | Sell Products | Sell Products to Data Subject | Service Optimization | Service Personalization | Service Provision | Service Order Management | Analytics | Social Media | Technical Service Provision | User Interface Personalisation | Vendor Management | Vendor Payment | Vendor Records Management | Vendor Selection Assessment |

Academic Research

Term: AcademicResearch
Description: Conduct or assist with research conducted in an academic context e.g. within universities
Subclass Of: dpv:ResearchAndDevelopment
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal
See Also: svpu:Education

Account Management

Term: AccountManagement
Description: Create, maintain, and manage accounts for purposes of providing services
Subclass Of: dpv:Purpose
Created:

Advertising

Term: Advertising
Description: Conduct advertising i.e. process or artefact used to call attention to a product, service, etc. through announcements, notices, or other forms of communication
Subclass Of: dpv:Marketing
Superclass Of: dpv:PersonalisedAdvertising
Comment: Advertising is a subset of Marketing. Advertising by itself does not indicate 'personalisation' i.e. personalised ads.
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Commercial Research

Term: CommercialResearch
Description: Conduct research in a commercial setting or with intention to commercialise e.g. in a company or sponsored by a company
Subclass Of: dpv:ResearchAndDevelopment
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal
See Also: svpu:Develop

Communication for Customer Care

Term: CommunicationForCustomerCare
Description: Communicate with customers for assisting them, resolving issues, ensuring satisfaction in relation to services provided
Subclass Of: dpv:CommunicationManagement, dpv:CustomerCare
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Communication Management

Term: CommunicationManagement
Description: Manage communication or provide means for communication e.g. to send an email notifying some information
Subclass Of: dpv:Purpose
Superclass Of: dpv:CommunicationForCustomerCare
Comment: This purpose by itself does not sufficiently and clearly indicate what the communication is about. As such, it is recommended to combine it with another purpose to indicate the application. For example, Communication of Payment.
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Context

Term: Context
Description: Contextually relevant information about purpose not possible to represent through other concepts
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Create Event Recommendations

Term: CreateEventRecommendations
Description: Create and provide personalised recommendations for events
Subclass Of: dpv:CreatePersonalizedRecommendations
Source: SPECIAL Project
Created:
Contributor(s): Harshvardhan J. Pandit, Rudy Jacob

Create Personalized Recommendations

Term: CreatePersonalizedRecommendations
Description: Create and provide personalised recommendations
Subclass Of: dpv:ServicePersonalization
Superclass Of: dpv:CreateEventRecommendations, dpv:CreateProductRecommendations
Source: SPECIAL Project
Created:
Contributor(s): Harshvardhan J. Pandit, Rudy Jacob

Create Product Recommendations

Term: CreateProductRecommendations
Description: Create and provide product recommendations e.g. suggest similar products
Subclass Of: dpv:CreatePersonalizedRecommendations
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal
See Also: svpu:Marketing

Customer Care

Term: CustomerCare
Description: Provide assistance, resolve issues, ensure satisfaction in relation to services provided
Subclass Of: dpv:CustomerManagement
Superclass Of: dpv:CommunicationForCustomerCare
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal
See Also: svpu:Feedback

Customer Claims Management

Term: CustomerClaimsManagement
Description: Manage claims, including repayment of monies owed
Subclass Of: dpv:CustomerManagement
Source: Belgian DPA ROPA Template
Created:

Customer Management

Term: CustomerManagement
Description: Manage past, current, and future customers
Subclass Of: dpv:Purpose
Superclass Of: dpv:CustomerCare, dpv:CustomerClaimsManagement, dpv:CustomerOrderManagement, dpv:CustomerRelationshipManagement, dpv:CustomerSolvencyMonitoring
Created:

Customer Order Management

Term: CustomerOrderManagement
Description: Manage customer orders
Subclass Of: dpv:CustomerManagement
Source: Belgian DPA ROPA Template
Created:

Customer Relationship Management

Term: CustomerRelationshipManagement
Description: Manage and analyse interactions with past, current, and potential customers
Subclass Of: dpv:CustomerManagement
Superclass Of: dpv:ImproveInternalCRMProcesses
Created:
Contributor(s): Beatriz, Georg P Krog, Harshvardhan J. Pandit

Customer Solvency Monitoring

Term: CustomerSolvencyMonitoring
Description: Monitor solvency of customers for financial diligence
Subclass Of: dpv:CustomerManagement
Source: Belgian DPA ROPA Template
Created:

Delivery of Goods

Term: DeliveryOfGoods
Description: Deliver goods and services requested or asked by consumer
Subclass Of: dpv:RequestedServiceProvision
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal
See Also: svpu:Delivery

Direct Marketing

Term: DirectMarketing
Description: Conduct direct marketing i.e. marketing communicated directly to the individual
Subclass Of: dpv:Marketing
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Dispute Management

Term: DisputeManagement
Description: Manage disputes by natural persons, private bodies, or public authorities relevant to organisation
Subclass Of: dpv:OrganisationGovernance
Source: Belgian DPA ROPA Template
Created:

Enforce Access Control

Term: EnforceAccessControl
Description: Conduct or enforce access control
Subclass Of: dpv:EnforceSecurity
Status: changed
Comment: Was previously "Access Control". Prefixed to distinguish from Technical Measure.
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal
See Also: svpu:Login

Enforce Security

Term: EnforceSecurity
Description: Ensure and enforce security e.g. of data, personnel
Subclass Of: dpv:Purpose
Superclass Of: dpv:EnforceAccessControl, dpv:FraudPreventionAndDetection, dpv:IdentityVerification
Status: changed
Comment: Was previous "Security". Prefixed to distinguish from TechOrg measures.
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Fraud Prevention and Detection

Term: FraudPreventionAndDetection
Description: Detect and prevent fraud
Subclass Of: dpv:EnforceSecurity
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal
See Also: svpu:Government

Human Resources Management

Term: HumanResourceManagement
Description: Manage humans and 'human resources' within the organisation for effective and efficient operations.
Subclass Of: dpv:Purpose
Comment: HR is a broad concept. Its management includes, amongst others - recruiting employees and intermediaries e.g. brokers, independent representatives; payroll administration, remunerations, commissions, and wages; and application of social legislation.
Source: Belgian DPA ROPA Template
Created:
Contributor(s): Beatriz Esteves, David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Identity Verification

Term: IdentityVerification
Description: Verify or authorize identity
Subclass Of: dpv:EnforceSecurity
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Improve Existing Products and Services

Term: ImproveExistingProductsAndServices
Description: Improve existing products and services
Subclass Of: dpv:OptimisationForController
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Improve Internal CRM Processes

Term: ImproveInternalCRMProcesses
Description: Improve customer-relationship management (CRM) processes
Subclass Of: dpv:CustomerRelationshipManagement, dpv:OptimisationForController
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Increase Service Robustness

Term: IncreaseServiceRobustness
Description: Improve robustness and resilience of services
Subclass Of: dpv:OptimisationForController
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Internal Resource Optimisation

Term: InternalResourceOptimisation
Description: Optimize internal resource availability and usage for organisation
Subclass Of: dpv:OptimisationForController
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Legal Compliance

Term: LegalCompliance
Description: Fulfilment of obligations or requirements towards achieving compliance with law or regulations
Subclass Of: dpv:Purpose
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Marketing

Term: Marketing
Description: Conduct marketing in relation to organisation or products or services e.g. promoting, selling, and distributing
Subclass Of: dpv:Purpose
Superclass Of: dpv:Advertising, dpv:DirectMarketing, dpv:PublicRelations, dpv:SocialMediaMarketing
Status: changed
Comment: Was commercial interest, changed to consider Marketing a separate Purpose category by itself
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Members and Partners Management

Term: MemberPartnerManagement
Description: Maintain registry of shareholders, members, or partners for governance, administration, and management functions
Subclass Of: dpv:OrganisationGovernance
Source: Belgian DPA ROPA Template
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Non-Commercial Research

Term: NonCommercialResearch
Description: Conduct research in a non-commercial setting e.g. for a non-profit-organisation (NGO)
Subclass Of: dpv:ResearchAndDevelopment
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Optimisation for Consumer

Term: OptimisationForConsumer
Description: Optimize activities and services for consumer or user
Subclass Of: dpv:ServiceOptimization
Superclass Of: dpv:OptimiseUserInterface
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal
See Also: svpu:Custom

Optimisation for Controller

Term: OptimisationForController
Description: Optimize activities and services for provider or controller
Subclass Of: dpv:ServiceOptimization
Superclass Of: dpv:ImproveExistingProductsAndServices, dpv:ImproveInternalCRMProcesses, dpv:IncreaseServiceRobustness, dpv:InternalResourceOptimisation
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Optimise User Interface

Term: OptimiseUserInterface
Description: Optimize interfaces presented to the user
Subclass Of: dpv:OptimisationForConsumer
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Organisation Compliance Management

Term: OrganisationComplianceManagement
Description: Manage compliance for organisation in relation to internal policies
Subclass Of: dpv:OrganisationGovernance
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Organisation Governance

Term: OrganisationGovernance
Description: Conduct activities and functions for organisation's governance
Subclass Of: dpv:Purpose
Superclass Of: dpv:DisputeManagement, dpv:MemberPartnerManagement, dpv:OrganisationComplianceManagement, dpv:OrganisationRiskManagement
Source: Belgian DPA ROPA Template
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Organisation Risk Management

Term: OrganisationRiskManagement
Description: Manage risk for organisation's activities
Subclass Of: dpv:OrganisationGovernance
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Payment

Term: Payment
Description: Process payment transactions in relation to service
Subclass Of: dpv:ServiceProvision
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Personalisation

Term: Personalisation
Description: Create and provide customisation based on attributes and/or needs of person(s) or context(s).
Subclass Of: dpv:Purpose
Superclass Of: dpv:PersonalisedAdvertising, dpv:ServicePersonalization
Comment: This term is a blanket purpose category for indicating personalisation of some other purpose, e.g. by creating a subclass of the other concept and Personalisation
Created:
Contributor(s): Harshvardhan J. Pandit

Personalised Advertising

Term: PersonalisedAdvertising
Description: Create and provide personalised advertising
Subclass Of: dpv:Advertising, dpv:Personalisation
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Personalised Benefits

Term: PersonalisedBenefits
Description: Create and provide personalised benefits for a service
Subclass Of: dpv:ServicePersonalization
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Public Relations

Term: PublicRelations
Description: Manage and conduct public relations processes. This includes creating goodwill for the organization.
Subclass Of: dpv:Marketing
Source: Belgian DPA ROPA Template
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Record Management

Term: RecordManagement
Description: Manage creation, storage, and use of records relevant to operations, events, and processes e.g. to store logs or access requests
Subclass Of: dpv:Purpose
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Registration and Authentication

Term: RegistrationAuthentication
Description: Register, authenticate, and identify users or agents in context of a service
Subclass Of: dpv:ServiceProvision
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Requested Service Provision

Term: RequestedServiceProvision
Description: Deliver service as requested by user or consumer
Subclass Of: dpv:ServiceProvision
Superclass Of: dpv:DeliveryOfGoods
Created:

Research and Development

Term: ResearchAndDevelopment
Description: Conduct research and development for new methods, products, or services
Subclass Of: dpv:Purpose
Superclass Of: dpv:AcademicResearch, dpv:CommercialResearch, dpv:NonCommercialResearch
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Sector

Term: Sector
Description: Indicate or restrict scope for interpretation and application of purpose in a domain e.g. Agriculture, Banking
Comment: There are various sector codes used commonly to indicate the domain of an organisation or business. Examples include NACE (EU), ISIC (UN), SIC and NAICS (USA).
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Sell Data to Third Parties

Term: SellDataToThirdParties
Description: Sell data or information to third parties
Subclass Of: dpv:SellProducts
Status: changed
Comment: Sell here means exchange, submit, or provide in return for direct or indirect compensation. Was subclass of commercial interest, changed to reflect selling something
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Sell Insights from Data

Term: SellInsightsFromData
Description: Sell data or information relevant to insights obtained from analysis of data
Subclass Of: dpv:SellProducts
Status: changed
Comment: Sell here means exchange, submit, or provide in return for direct or indirect compensation. Was subclass of commercial interest, changed to reflect selling something
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Sell Products

Term: SellProducts
Description: Sell products or services
Subclass Of: dpv:ServiceProvision
Superclass Of: dpv:SellDataToThirdParties, dpv:SellInsightsFromData, dpv:SellProductsToDataSubject
Comment: Sell here means exchange, submit, or provide in return for direct or indirect compensation.
Created:

Sell Products to Data Subject

Term: SellProductsToDataSubject
Description: Sell products or services to the user, consumer, or data subjects
Subclass Of: dpv:SellProducts
Status: changed
Comment: Was subclass of commercial interest, changed to reflect selling something
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Service Optimization

Term: ServiceOptimization
Description: Optimise services or activities
Subclass Of: dpv:ServiceProvision
Superclass Of: dpv:OptimisationForConsumer, dpv:OptimisationForController
Status: changed
Comment: Subclass of ServiceProvision since optimisation is usually considered part of providing services
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Service Personalization

Term: ServicePersonalization
Description: Personalise services or product or activities
Subclass Of: dpv:Personalisation, dpv:ServiceProvision
Superclass Of: dpv:CreatePersonalizedRecommendations, dpv:PersonalisedBenefits, dpv:UserInterfacePersonalisation
Status: changed
Comment: Subclass of ServiceProvision since personalisation is usually considered part of providing services
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Service Provision

Term: ServiceProvision
Description: Provide service or product or activities
Subclass Of: dpv:Purpose
Superclass Of: dpv:Payment, dpv:RegistrationAuthentication, dpv:RequestedServiceProvision, dpv:SellProducts, dpv:ServiceOptimization, dpv:ServicePersonalization, dpv:ServiceRecordManagement, dpv:ServiceUsageAnalytics, dpv:TechnicalServiceProvision
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Service Order Management

Term: ServiceRecordManagement
Description: Manage invoicing, orders, and records in relation to services
Subclass Of: dpv:ServiceProvision
Created:

Analytics

Term: ServiceUsageAnalytics
Description: Conduct analysis and reporting related to usage of services or products
Subclass Of: dpv:ServiceProvision
Status: changed
Comment: Was "UsageAnalytics", prefixed with Service to better reflect scope
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Social Media

Term: SocialMediaMarketing
Description: Conduct marketing through social media
Subclass Of: dpv:Marketing
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Technical Service Provision

Term: TechnicalServiceProvision
Description: Manage and provide technical processes and functions necessary for delivering services
Subclass Of: dpv:ServiceProvision
Created:
Contributor(s): Harshvardhan J. Pandit

User Interface Personalisation

Term: UserInterfacePersonalisation
Description: Personalise interfaces presented to the user
Subclass Of: dpv:ServicePersonalization
Created:
Contributor(s): Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernandez, Simon Steyskal

Vendor Management

Term: VendorManagement
Description: Manage orders, payment, evaluation, and prospecting related to vendors
Subclass Of: dpv:Purpose
Superclass Of: dpv:VendorPayment, dpv:VendorRecordsManagement, dpv:VendorSelectionAssessment
Source: Belgian DPA ROPA Template
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Vendor Payment

Term: VendorPayment
Description: Manage payment of vendors
Subclass Of: dpv:VendorManagement
Source: Belgian DPA ROPA Template
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Vendor Records Management

Term: VendorRecordsManagement
Description: Manage orders related to vendors
Subclass Of: dpv:VendorManagement
Source: Belgian DPA ROPA Template
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Vendor Selection Assessment

Term: VendorSelectionAssessment
Description: Manage selection, assessment, and evaluation related to vendors
Subclass Of: dpv:VendorManagement
Source: Belgian DPA ROPA Template
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Properties

has context | has sector |

has context

Term: hasContext
Description: Indicates a purpose is restricted to the specified context(s)
Status: accepted
Created:

has sector

Term: hasSector
Description: Indicates the purpose is associated with activities in the indicated (Economic) Sector(s)
Status: accepted
Created:

Processing Categories

Concepts related to Processing are available as an individual module here.

DPV provides a hierarchy of classes to specify the operations associated with the processing of personal data. Declaring the processing or processing categories associated with personal data is required by regulations such as the GDPR. Processing operations (e.g. collect, share, and use) can have specific constraints or obligations which makes it necessary to accurately represent them. While the term ‘use’ is liberally used to refer to a broad range of processing categories in privacy notices, we suggest to select and use appropriate terms to accurately reflect the nature of processing where applicable.

DPV processing vocabulary
Concepts for Processing in DPV

There are a variety of terms used for describing processing operations depending on specific interpretations within the technological, legal, or sociological domain. We consolidate these terms and define the following 'top-level' concepts to create a hierarchical taxonomy for categories of processing: [=Disclose=], [=Copy=], [=Obtain=], [=Remove=], [=Store=], [=Transfer=], [=Transform=], and [=Use=]. Each of these are then further expanded using subclasses within the taxonomy.

Although the DPV taxonomy of processing categories includes terms mentioned in the definition of processing in GDPR (Article 4-2), their interpretation is based on common understanding (i.e. dictionary definition) and legal interpretation. Where the interpretation of a term differs significantly within a jurisdiction, it is advisable to declare it in a separate vocabulary as an extension to the DPV, similar to DPV-GDPR. An example of where terms differ between common understanding and jurisdiction-dependent definitions is the term 'sell' mentioned within the California Consumer Protection Act (2018) 1798.140(t), which includes "selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating".

Along with information about the processing 'operation', regulations (e.g. GDPR) also require additional information such as scale of processing, extent of automation and human involvement, source of data, consequences, and algorithmic logic. DPV declares such concepts as top-level classes which can be used in combination with the processing (or other concepts such as purposes) to indicate their application.

Terms such as evaluation or scoring are defined within the processing categories because they relate to the specific operations or activities taking place over personal data. This is not to be confused as indicating a purpose, since they still need to be applied or defined towards a specific 'purpose' for the processing. For example, consider an use-case for scoring an individual for rankings in an online competition - here the 'scoring' is indicative of the processing operations while 'rankings' is the purpose.

The following is an overview of the concepts provided within the DPV processing taxonomy:

Class Property Description
[=Processing=] [=hasProcessing=] Specifies the processing operations over personal data
[=DataSource=] [=hasDataSource=] Indicates source of personal data used in processing
[=SystematicMonitoring=] Specifies processing involves systematic monitoring (of data subjects)
[=EvaluationScoring=] Specifies processing involves evaluating or scoring (of data subjects)
[=MatchingCombining=] Specifies processing involves matching or combining of data
[=AutomatedDecisionMaking=] Specifies processing produces automated decisions (regarding data subjects)
[=LargeScaleProcessing=] Specifies processing takes place at 'large scales'
[=InnovativeUseOfNewTechnologies=] Specifies processing involves use of innovative and new technologies
[=hasAlgorithmicLogic=] Specifies the algorithmic logic for processing
[=hasConsequences=] Specifies consequences arising from processing
[=hasHumanInvolvement=] Specifies the extent of human involvement regarding processing

Classes

Acquire | Adapt | Align | Alter | Analyse | Anonymise | Automated Decision Making | Collect | Combine | Consult | Copy | Data Source | Derive | Destruct | Disclose | Disclose by Transmission | Disseminate | Erase | Evaluation and Scoring | Innovative Use of New Technologies | Large Scale Processing | Make Available | Matching and Combining | Move | Obtain | Organise | Profiling | Pseudo-Anonymise | Record | Remove | Restrict | Retrieve | Share | Store | Structure | Systematic Monitoring | Transfer | Transform | Transmit | Use |

Acquire

Term: Acquire
Description: to come into possession or control of the data
Subclass Of: dpv:Obtain
Source: GDPR Art.4-2
Created:

Adapt

Term: Adapt
Description: to modify the data, often rewritten into a new form for a new use
Subclass Of: dpv:Transform
Source: GDPR Art.4-2
Created:

Align

Term: Align
Description: to adjust the data to be in relation to another data
Subclass Of: dpv:Transform
Source: GDPR Art.4-2
Created:

Alter

Term: Alter
Description: to change the data without changing it into something else
Subclass Of: dpv:Transform
Source: GDPR Art.4-2
Created:

Analyse

Term: Analyse
Description: to study or examine the data in detail
Subclass Of: dpv:Use
Source: SPECIAL Project
Created:
See Also: svpr:Analyse

Anonymise

Term: Anonymise
Description: to irreversibly alter personal data in such a way that an unique data subject can no longer be identified directly or indirectly or in combination with other data
Subclass Of: dpv:Transform
Source: SPECIAL Project
Created:
See Also: svpr:Anonymize

Automated Decision Making

Term: AutomatedDecisionMaking
Description: Processing that involves automated decision making
Source: GDPR Art.4-2
Created:
Contributor(s): Harshvardhan J. Pandit, Piero Bonatti

Collect

Term: Collect
Description: to gather data from someone
Subclass Of: dpv:Obtain
Source: GDPR Art.4-2, SPECIAL Project
Created:
See Also: svpr:Collect

Combine

Term: Combine
Description: to join or merge data
Subclass Of: dpv:Transform
Source: GDPR Art.4-2, SPECIAL Project
Created:
See Also: svpr:Aggregate

Consult

Term: Consult
Description: to consult or query data
Subclass Of: dpv:Use
Source: GDPR Art.4-2, SPECIAL Project
Created:
See Also: svpr:Query

Copy

Term: Copy
Description: to produce an exact reprodution of the data
Subclass Of: dpv:Processing
Source: SPECIAL Project
Created:
See Also: svpr:Copy

Data Source

Term: DataSource
Description: The source or origin of data
Comment: Source is direct point of data collection; 'origin' would indicate the original/others points of where the data originates from
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J. Pandit

Derive

Term: Derive
Description: to create new derivative data from the original data
Subclass Of: dpv:Transform
Source: SPECIAL Project
Created:
See Also: svpr:Derive

Destruct

Term: Destruct
Description: to process data in a way it no longer exists or cannot be repaired
Subclass Of: dpv:Remove
Source: GDPR Art.4-2
Created:

Disclose

Term: Disclose
Description: to make data known
Subclass Of: dpv:Processing
Superclass Of: dpv:DiscloseByTransmission, dpv:Disseminate, dpv:MakeAvailable, dpv:Share, dpv:Transmit
Source: GDPR Art.4-2
Created:

Disclose by Transmission

Term: DiscloseByTransmission
Description: to disclose data by means of transmission
Subclass Of: dpv:Disclose
Source: GDPR Art.4-2
Created:

Disseminate

Term: Disseminate
Description: to spread data throughout
Subclass Of: dpv:Disclose
Source: GDPR Art.4-2
Created:

Erase

Term: Erase
Description: to delete data
Subclass Of: dpv:Remove
Source: GDPR Art.4-2
Created:

Evaluation and Scoring

Term: EvaluationScoring
Description: Processing that involves evaluation and scoring of individuals
Source: GDPR Art.4-2
Created:
Contributor(s): Harshvardhan J. Pandit, Piero Bonatti

Innovative Use of New Technologies

Term: InnovativeUseOfNewTechnologies
Description: Processing that involves use of innovative and new technologies
Source: GDPR Art.4-2
Created:
Contributor(s): Harshvardhan J. Pandit, Piero Bonatti

Large Scale Processing

Term: LargeScaleProcessing
Description: Processing that takes place at large scales
Source: GDPR Art.4-2
Created:
Contributor(s): Harshvardhan J. Pandit, Piero Bonatti

Make Available

Term: MakeAvailable
Description: to transform or publish data to be used
Subclass Of: dpv:Disclose
Source: GDPR Art.4-2
Created:

Matching and Combining

Term: MatchingCombining
Description: Processing that involves matching and combining of personal data
Source: GDPR Art.4-2
Created:
Contributor(s): Harshvardhan J. Pandit, Piero Bonatti

Move

Term: Move
Description: to move data from one location to another including deleting the original copy
Subclass Of: dpv:Transfer
Source: SPECIAL Project
Created:
See Also: svpr:Move

Obtain

Term: Obtain
Description: to solicit or gather data from someone
Subclass Of: dpv:Processing
Superclass Of: dpv:Acquire, dpv:Collect, dpv:Record
Source: GDPR Art.4-2
Created:

Organise

Term: Organise
Description: to organize data for arranging or classifying
Subclass Of: dpv:Processing
Superclass Of: dpv:Structure
Source: GDPR Art.4-2
Created:

Profiling

Term: Profiling
Description: to create a profile that describes or represents a person
Subclass Of: dpv:Use
Source: GDPR Art.4-2
Created:

Pseudo-Anonymise

Term: PseudoAnonymise
Description: to replace personal identifiable information by artificial identifiers
Subclass Of: dpv:Transform
Source: GDPR Art.4-2
Created:

Record

Term: Record
Description: to make a record (especially media)
Subclass Of: dpv:Obtain
Source: GDPR Art.4-2
Created:

Remove

Term: Remove
Description: to destruct or erase data
Subclass Of: dpv:Processing
Superclass Of: dpv:Destruct, dpv:Erase
Source: GDPR Art.4-2
Created:

Restrict

Term: Restrict
Description: to apply a restriction on the processsing of specific records
Subclass Of: dpv:Transform
Source: GDPR Art.4-2
Created:

Retrieve

Term: Retrieve
Description: to retrieve data, often in an automated manner
Subclass Of: dpv:Use
Source: GDPR Art.4-2
Created:

Share

Term: Share
Description: to give data (or a portion of it) to others
Subclass Of: dpv:Disclose
Source: GDPR Art.4-2
Created:

Store

Term: Store
Description: to keep data for future use
Subclass Of: dpv:Processing
Source: GDPR Art.4-2
Created:

Structure

Term: Structure
Description: to arrange data according to a structure
Subclass Of: dpv:Organise
Source: GDPR Art.4-2
Created:

Systematic Monitoring

Term: SystematicMonitoring
Description: Processing that involves systematic monitoring of individuals
Source: GDPR Art.4-2
Created:
Contributor(s): Harshvardhan J. Pandit, Piero Bonatti

Transfer

Term: Transfer
Description: to move data from one place to another
Subclass Of: dpv:Processing
Superclass Of: dpv:Move
Source: SPECIAL Project
Created:
See Also: svpr:Transfer

Transform

Term: Transform
Description: to change the form or nature of data
Subclass Of: dpv:Processing
Superclass Of: dpv:Adapt, dpv:Align, dpv:Alter, dpv:Anonymise, dpv:Combine, dpv:Derive, dpv:PseudoAnonymise, dpv:Restrict
Source: GDPR Art.4-2
Created:

Transmit

Term: Transmit
Description: to send out data
Subclass Of: dpv:Disclose
Source: GDPR Art.4-2
Created:

Use

Term: Use
Description: to use data
Subclass Of: dpv:Processing
Superclass Of: dpv:Analyse, dpv:Consult, dpv:Profiling, dpv:Retrieve
Source: GDPR Art.4-2
Created:

Properties

has algorithmic logic | has consequence | has data source | has human involvement |

has algorithmic logic

Term: hasAlgorithmicLogic
Description: Indicates the logic used in processing such as for automated decision making
Status: accepted
Created:
Contributor(s): Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan

has consequence

Term: hasConsequence
Description: Indicates consequences of processing such as those for Data Subjects in relation to automated decision making
Status: changed
Created:
Contributor(s): Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan

has data source

Term: hasDataSource
Description: Indicates the source or origin of data being processed
Status: accepted
Created:
Contributor(s): Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan

has human involvement

Term: hasHumanInvolvement
Description: Indicates Involvement of humans in processing such as within automated decision making process
Status: accepted
Created:
Contributor(s): Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan

Technical and Organisational Measures

Concepts related to Technical and Organisational Measures are available as an individual module here.

Technical and Organisational measures consist of activities, processes, or procedures used in connection with ensuring data protection, carrying out processing in a secure manner, and complying with legal obligations. Such measures are required by regulations depending on the context of processing involving personal data. For example, GDPR (Article 32) states implementing appropriate measures by taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing, as well as risks, rights and freedoms. Specific examples of measures in the article include:

  1. the pseudonymisation and encryption of personal data
  2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services
  3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
  4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing
DPV Technical and Organisational Measures vocabulary
Concepts for Technical and Organisational Measures in DPV

To represent these requirements, the DPV defines a hierarchical taxonomy of technical and organisational measures through the top-level concept of [=TechnicalOrganisationalMeasure=], which is further distinguished as [=TechnicalMeasure=] and [=OrganisationalMeasure=]. A technical measure is an implementation detail or technology used to achieve a specific goal or objective, such as an authentication protocol used to validate identity. In contrast, an organisational measure is a process or procedure used by the organisation, for example an authorisation procedure to decide who should be granted access within an organisation.

Measures can be associated using the generic property [=measureImplementedBy=]. The value or object of this property can be an IRI (or URL) representing a specific measure or standard used to implement it, or a String representing relevant information.

In the future, we plan to provide a collection of terms and URIs for specifying standards (e.g. ISO) and best practices (e.g. certifications, seals). Whether this should be provided within the DPV itself or as a separate extension similar to DPV-GDPR is to be decided. We welcome participation and contributions for this work.

DPV provides specific measures for storage of personal data in the form of [=StorageRestriction=], with specialised variants for duration as [=StorageDuration=], location as [=StorageLocation=], deletion as [=StorageDeletion=], and restoration as [=StorageRestoration=].

The generic properties [=hasStorage=], [=hasLocation=], and [=hasDuration=] enable representing information about storage, location, and duration respectively. These can be used to specify restrictions or conditions, such as for storage of personal data, its processing, or information about recipients.

For indicating the mitigation of [=Risk=], DPV provides [=RiskMitigationMeasure=] as a top-level concept within the Technical and Organisational measures taxonomy. The property [=mitigatesRisk=] is used to indicate the relationship between risk and its mitigation.

The following provides an overview of the important top-level concepts within the Technical and Organisational measures taxonomy:

Class Property Description
[=TechnicalOrganisationalMeasure=] [=hasTechnicalOrganisationalMeasure=] Specifies the technical and organisational measures utilised or applicable
[=measureImplementedBy=] Specifies the implementation details of measure
[=RiskMitigationMeasure=] [=mitigatesRisk=] Specifies use of measure to mitigate risks
[=StorageRestriction=] Specifies restriction on storage of personal data
[=StorageDuration=] Specifies restriction on duration of storage
[=StorageLocation=] Specifies restriction on location of storage
[=StorageDeletion=] Specifies restriction on deletion of storage
[=hasStorage=] Specifies information about storage
[=hasLocation=] Specifies information about location
[=hasDuration=] Specifies information about duration

Classes

Access Control Method | Anonymization | Assessment | Authentication Protocols | Authorisation Procedure | Certification | Certification and Seal | Code of Conduct | Consultation | Consultation with Authority | ContractualTerms | Data Processing Records | Data Transfer Impact Assessment | De-Identification | Design Standard | Data Protection Impact Assessment (DPIA) | Encryption in Rest | Encryption in Transfer | GuidelinesPrinciple | Impact Assessment | Legal Agreement | Legitimate Interest Assessment | Non-Disclosure Agreement (NDA) | Notice | Organisational Measure | Privacy Impact Assessment | Policy | Privacy by Default | Privacy by Design | Privacy Notice | Pseudo-Anonymization | Pseudonymisation and Encryption | Records of Activities | Register of Processing Activities | Regularity of Re-certification | Risk Management Procedure | Risk Mitigation Measure | Safeguard | Safeguard for Data Transfer | Seal | Single Sign On | Staff Training | Storage Deletion | Storage Duration | Storage Location | Storage Restoration | Storage Restriction | Technical Measure |

Access Control Method

Term: AccessControlMethod
Description: Methods which restrict access to a place or resource
Subclass Of: dpv:TechnicalMeasure
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Anonymization

Term: Anonymization
Description: Altering personal data irreversibly such that a data subject can no longer be identified directly or indirectly, either by the data controller alone or in collaboration with any other party
Subclass Of: dpv:PseudoAnonymization
Source: GDPR Art.4-5
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Assessment

Term: Assessment
Description: The document, plan, or process for assessment or determination towards a purpose e.g. assessment of legality or impact assessments
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:ImpactAssessment, dpv:LegitimateInterestAssessment
Created:
Contributor(s): Harshvardhan J. Pandit

Authentication Protocols

Term: AuthenticationProtocols
Description: Protocols involving validation of identity i.e. authentication of a person or information
Subclass Of: dpv:TechnicalMeasure
Superclass Of: dpv:SingleSignOn
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Authorisation Procedure

Term: AuthorisationProcedure
Description: Procedures for determining authorisation through permission or authority
Subclass Of: dpv:OrganisationalMeasure
Comment: non-technical authorisation procedures: How is it described on an organisational level, who gets access to the data
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Certification

Term: Certification
Description: Certification mechanisms, seals, and marks for the purpose of demonstrating compliance
Subclass Of: dpv:CertificationSeal
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Certification and Seal

Term: CertificationSeal
Description: Certifications, seals, and marks indicating compliance to regulations or practices
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:Certification, dpv:Seal
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Code of Conduct

Term: CodeOfConduct
Description: A set of rules or procedures outlining the norms and practices for conducting activities
Subclass Of: dpv:GuidelinesPrinciple
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Consultation

Term: Consultation
Description: Consultation is a process of receiving feedback, advice, or opinion from an external agency
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:ConsultationWithAuthority
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Consultation with Authority

Term: ConsultationWithAuthority
Description: Consultation with an authority or authoritative entity
Subclass Of: dpv:Consultation
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

ContractualTerms

Term: ContractualTerms
Description: Contractual terms governing data handling within the data controller
Subclass Of: dpv:LegalAgreement
Status: changed
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Data Processing Records

Term: DataProcessingRecords
Description: Records of personal data processing, whether ex-ante or ex-post
Subclass Of: dpv:RecordsOfActivities
Created:
Contributor(s): Harshvardhan J. Pandit

Data Transfer Impact Assessment

Term: DataTransferImpactAssessment
Description: Impact Assessment for conducting data transfers
Subclass Of: dpv:ImpactAssessment
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

De-Identification

Term: DeIdentification
Description: Conversion of identifiable personal data (PII) to un-identifiable personal data
Subclass Of: dpv:PseudoAnonymization
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Design Standard

Term: DesignStandard
Description: A set of rules or guidelines outlining criterias for design
Subclass Of: dpv:GuidelinesPrinciple
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Data Protection Impact Assessment (DPIA)

Term: DPIA
Description: A DPIA involves determining the potential and actual impact of processing activities on individuals or groups of individuals
Subclass Of: dpv:ImpactAssessment
Comment: Top class: Impact Assessment, and DPIA is sub-class
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Encryption in Rest

Term: EncryptionInRest
Description: Encryption of data when being stored (persistent encryption)
Subclass Of: dpv:PseudonymisationEncryption
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Encryption in Transfer

Term: EncryptionInTransfer
Description: Encryption of data in transit e.g. when being transferred from one location to another, including sharing
Subclass Of: dpv:PseudonymisationEncryption
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

GuidelinesPrinciple

Term: GuidelinesPrinciple
Description: Guidelines or Principles regarding processing and operational measures
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:CodeOfConduct, dpv:DesignStandard, dpv:PrivacyByDefault
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Impact Assessment

Term: ImpactAssessment
Description: Calculating or determining the likelihood of impact of an existing or proposed process, which can involve risks or detriments.
Subclass Of: dpv:Assessment
Superclass Of: dpv:DPIA, dpv:DataTransferImpactAssessment, dpv:PIA
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Legal Agreement

Term: LegalAgreement
Description: A legally binding agreement
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:Contract, dpv:ContractualTerms, dpv:NDA
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Legitimate Interest Assessment

Term: LegitimateInterestAssessment
Description: Indicates an assessment regarding the use of legitimate interest as a lawful basis by the data controller
Subclass Of: dpv:Assessment
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Non-Disclosure Agreement (NDA)

Term: NDA
Description: Non-disclosure Agreements e.g. preserving confidentiality of information
Subclass Of: dpv:LegalAgreement
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Notice

Term: Notice
Description: A notice is an artefact for providing information, choices, or controls
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:PrivacyNotice
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Organisational Measure

Term: OrganisationalMeasure
Description: Organisational measures required/followed when processing data of the declared category
Subclass Of: dpv:TechnicalOrganisationalMeasure
Superclass Of: dpv:Assessment, dpv:AuthorisationProcedure, dpv:CertificationSeal, dpv:Consultation, dpv:GuidelinesPrinciple, dpv:LegalAgreement, dpv:Notice, dpv:Policy, dpv:RecordsOfActivities, dpv:RiskManagementProcedure, dpv:Safeguard
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Privacy Impact Assessment

Term: PIA
Description: Carrying out an impact assessment regarding privacy risks
Subclass Of: dpv:ImpactAssessment
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Policy

Term: Policy
Description: A guidance document outlining any of: procedures, plans, principles, decisions, intent, or protocols.
Subclass Of: dpv:OrganisationalMeasure
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Privacy by Default

Term: PrivacyByDefault
Description: Practices regarding selecting appropriate data protection and privacy measures as the 'default' in an activity or service
Subclass Of: dpv:GuidelinesPrinciple
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Privacy by Design

Term: PrivacyByDesign
Description: Practices regarding incorporating data protection and privacy in the design of information and services
Subclass Of: dpv:RiskManagementProcedure
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Privacy Notice

Term: PrivacyNotice
Description: Represents a notice or document outlining information regarding privacy
Subclass Of: dpv:Notice
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Pseudo-Anonymization

Term: PseudoAnonymization
Description: PseudoAnonmyization or 'pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;
Subclass Of: dpv:PseudonymisationEncryption
Superclass Of: dpv:Anonymization, dpv:DeIdentification
Source: GDPR Art.4-5
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Pseudonymisation and Encryption

Term: PseudonymisationEncryption
Description: Technical measures consisting of pseudoanonymization and encryption
Subclass Of: dpv:TechnicalMeasure
Superclass Of: dpv:EncryptionInRest, dpv:EncryptionInTransfer, dpv:PseudoAnonymization
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Records of Activities

Term: RecordsOfActivities
Description: Records of activities within some context such as maintainence tasks or governance functions
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:DataProcessingRecords
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Register of Processing Activities

Term: RegisterOfProcessingActivities
Description: A ROPA is a document maintained by Data Controllers detailing processing activities carried out under their responsibility
Subclass Of: dpv:ProcessingRecords
Comment: Tied to compliance processes and documents, decide how to specify those
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Regularity of Re-certification

Term: RegularityOfRecertification
Description: Policy regarding repetition or renewal of existing certification(s)
Subclass Of: dpv:RiskManagementProcedure
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Risk Management Procedure

Term: RiskManagementProcedure
Description: Risk management refers to a coordinated set of activities and methods that is used to direct an organization and to control the many risks that can affect its ability to achieve objectives. The term risk management also refers to the programme that is used to manage risk. This programme includes risk management principles, a risk management framework, and a risk management process.
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:PrivacyByDesign, dpv:RegularityOfRecertification, dpv:StaffTraining
Comment: Data Protection Impact Assessments as per GDPR art 35, other Privacy Impact Assessments, threat severity assessment https://www.cnil.fr/en/privacy-impact-assessment-pia
Source: ISO 31000
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Risk Mitigation Measure

Term: RiskMitigationMeasure
Description: Measures intended to mitigate, minimise, or prevent risk.
Subclass Of: dpv:TechnicalOrganisationalMeasure
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Safeguard

Term: Safeguard
Description: A safeguard is a precautionary measure for the protection against or mitigation of negative effects
Subclass Of: dpv:OrganisationalMeasure
Superclass Of: dpv:SafeguardForDataTransfer
Comment: This concept is relevant given the requirement to assert safeguards in cross-border data transfers
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Safeguard for Data Transfer

Term: SafeguardForDataTransfer
Description: Represents a safeguard used for data transfer. Can include technical or organisational measures.
Subclass Of: dpv:Safeguard
Created:
Contributor(s): David Hickey, Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Seal

Term: Seal
Description: A seal or a mark indicating proof of certification to some certification or standard
Subclass Of: dpv:CertificationSeal
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Single Sign On

Term: SingleSignOn
Description: Use of credentials or processes that enable using one set of credentials to authenticate multiple contexts.
Subclass Of: dpv:AuthenticationProtocols
Created:
Contributor(s): Georg P Krog, Harshvardhan J. Pandit, Paul Ryan

Staff Training

Term: StaffTraining
Description: Practices and policies regarding training of staff members
Subclass Of: dpv:RiskManagementProcedure
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Storage Deletion

Term: StorageDeletion
Description: Deletion or Erasure of data including any deletion guarantees
Subclass Of: dpv:StorageRestriction
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Storage Duration

Term: StorageDuration
Description: Duration or temporal entity denoting limitation on storage of personal data
Subclass Of: dpv:StorageRestriction
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Storage Location

Term: StorageLocation
Description: Location or geospatial scope where the data is stored
Subclass Of: dpv:StorageRestriction
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Storage Restoration

Term: StorageRestoration
Description: Regularity and temporal span of data restoration/backup mechanisms that guarantee that data is preserved
Subclass Of: dpv:StorageRestriction
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Storage Restriction

Term: StorageRestriction
Description: Restrictions required or followed regarding storage of data
Subclass Of: dpv:TechnicalMeasure
Superclass Of: dpv:StorageDeletion, dpv:StorageDuration, dpv:StorageLocation, dpv:StorageRestoration
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Technical Measure

Term: TechnicalMeasure
Description: Technical measures required/followed when processing data of the declared category
Subclass Of: dpv:TechnicalOrganisationalMeasure
Superclass Of: dpv:AccessControlMethod, dpv:AuthenticationProtocols, dpv:PseudonymisationEncryption, dpv:StorageRestriction
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

Properties

has duration | has location | has storage | measure implemented by | mitigates risk |

has duration

Term: hasDuration
Description: Indicates information about duration
Status: accepted
Source: SPECIAL Project
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

has location

Term: hasLocation
Description: Indicates information about location
Status: accepted
Source: SPECIAL Project
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

has storage

Term: hasStorage
Description: Indicates information about storage
Status: accepted
Source: SPECIAL Project
Created:
Contributor(s): Axel Polleres, Harshvardhan J. Pandit, Mark Lizar, Rob Brennan

measure implemented by

Term: measureImplementedBy
Description: a generic Property to describe how the measure is implemented
Status: accepted
Created:
Contributor(s): Axel Polleres

mitigates risk

Term: mitigatesRisk
Description: Indicates mitigation of risk(s)
Status: accepted
Created:
Contributor(s): Harshvardhan J. Pandit

Entities

Concepts related to Entities are available as an individual module here.

Entities refer to individuals, organisations, institutions, authorities, agencies, or any similar 'actor'. Defining and representing them is important given their rights and responsibilities under legal obligations. To represent such entities, DPV defines the [=LegalEntity=] class as a generic concept which if further extended to represent the different categories of entities.

DPV Entities vocabulary
Concepts for Entities in DPV

The DPV core vocabulary includes the concepts of [=DataSubject=], [=DataController=], and [=Recipient=] which are subclasses of [=LegalEntity=]. Consequently, they are not described in this section to avoid duplicity.

To describe the entities that act as recipients regarding personal data and its processing, the concepts of [=DataProcessor=], [=DataSubProcessor=], and [=ThirdParty=] are defined. Defining recipients is important in the context of data protection and privacy as it allows tracking the entities personal data is shared/transfered with. The concepts of [=Child=] and [=VulnerableDataSubject=] represent specific categories of data subjects based on relevance in legal requirements. The concept [=Authority=] represents an entity with legal authority, and is extended to represent [=DataProtectionAuthority=] for a specific authority concerned with data protection and privacy. To represent an 'agent' of an organisation, the concept [=Representative=] is provided. Similarly, [=DataProtectionOfficer=] refers to a specific entity associated with monitoring data protection and privacy within (or on behalf of) an organisation.

The concept 'child' can be legally distinct from 'minor', although they are also used as synonyms in several cases. DPV uses 'child' as the commonly used term to signify an individual below a certain legally defined age. This is influenced from the use of the term 'child' within the GDPR and by CJEU in its judgements. It is important to note that the relevant age for determining a child (or a minor child) varies by jurisdiction.

To represent information about entities, DPV provides the following properties: [=hasName=] to indicate name, [=hasAddress=] to indicate address, [=hasContact=] to indicate contact or communication channels, [=hasIdentifier=] to indicate an identifier associated with the entity, and [=hasRepresentative=] to indicate an 'agent' or representative of the entity.

Classes

Authority | Child | Data Exporter | Data Importer | Data Processor | Data Protection Authority | Data Protection Officer | Data Sub-Processor | Legal Entity | Representative | Third Party | Vulnerable Data Subject |

Authority

Term: Authority
Description: An authority with the power to create or enforce laws, or determine their compliance.
Subclass Of: dpv:LegalEntity
Superclass Of: dpv:DataProtectionAuthority
Created:
Contributor(s): Georg Krog, Harshvardhan Pandit, Paul Ryan

Child

Term: Child
Description: A 'child' is a natural legal person who is below a certain legal age depending on the legal jurisdiction.
Subclass Of: dpv:DataSubject
Comment: The legality of age defining a child varies by jurisdiction. In addition, 'child' is distinct from a 'minor'. For example, the legal age drinking alcohol can be 21, which makes a person of age 20 a 'minor' in this context. In other cases, 'minor' and 'child' are used interchangeably to refer to a person below some legally defined age.
Created:
Contributor(s): Harshvardhan J. Pandit

Data Exporter

Term: DataExporter
Description: An entity that 'exports' data where exporting is considered a form of data transfer
Subclass Of: dpv:LegalEntity
Comment: The EU, in particular the EDPB, uses data exporter the context of cross-border data transfers/flows. These concepts are not bound by jurisdictional or geopolitical scopes within DPV and can thus be used for any notion of exporting
Source: EDPB Recommendations 01/2020 on Data Transfers
Created:
Contributor(s): David Hickey, Georg Krog, Harshvardhan Pandit, Paul Ryan

Data Importer

Term: DataImporter
Description: An entity that 'imports' data where importing is considered a form of data transfer
Subclass Of: dpv:Recipient
Comment: The EU, in particular the EDPB, uses data importing the context of cross-border data transfers/flows. These concepts are not bound by jurisdictional or geopolitical scopes within DPV and can thus be used for any notion of importing
Source: EDPB Recommendations 01/2020 on Data Transfers
Created:
Contributor(s): David Hickey, Georg Krog, Harshvardhan Pandit, Paul Ryan

Data Processor

Term: DataProcessor
Description: A ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Subclass Of: dpv:Recipient
Superclass Of: dpv:DataSubProcessor
Source: GDPR Art.4-8
Created:
Contributor(s): Harshvardhan J. Pandit

Data Protection Authority

Term: DataProtectionAuthority
Description: An authority tasked with overseeing legal compliance regarding privacy and data protection laws.
Subclass Of: dpv:Authority
Created:
Contributor(s): Georg Krog, Harshvardhan Pandit, Paul Ryan

Data Protection Officer

Term: DataProtectionOfficer
Description: An entity within or authorised by an organisation to monitor internal compliance, inform and advise on data protection obligations and act as a contact point for data subjects and the supervisory authority.
Subclass Of: dpv:LegalEntity
Source: GDPR Art.37
Created:
Contributor(s): Georg Krog, Paul Ryan

Data Sub-Processor

Term: DataSubProcessor
Description: A 'sub-processor' is a processor engaged by another processor
Subclass Of: dpv:DataProcessor
Comment: sub-processor' is a commonly used term similar to 'sub-contractor' and does not have a specific legal definition
Created:
Contributor(s): Harshvardhan J. Pandit

Legal Entity

Term: LegalEntity
Description: A human or non-human that constitute as a legally defined entity
Superclass Of: dpv:Authority, dpv:DataController, dpv:DataExporter, dpv:DataProtectionOfficer, dpv:DataSubject, dpv:Recipient, dpv:Representative
Created:
Contributor(s): Harshvardhan J. Pandit

Representative

Term: Representative
Description: A representative of a legal entity
Subclass Of: dpv:LegalEntity
Source: GDPR Art.27
Created:
Contributor(s): Beatriz Esteves, Georg Krog, Harshvardhan J. Pandit, Paul Ryan

Third Party

Term: ThirdParty
Description: A ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and people who, under the direct authority of the controller or processor, are authorised to process personal data.
Subclass Of: dpv:Recipient
Source: GDPR Art.4-10
Created:
Contributor(s): Harshvardhan J. Pandit

Vulnerable Data Subject

Term: VulnerableDataSubject
Description: Data Subjects which should be considered 'vulnerable' and therefore would require additional measures and safeguards
Subclass Of: dpv:DataSubject
Created:
Contributor(s): Georg Krog, Harshvardhan Pandit, Paul Ryan

Properties

has address | has contact | has identifier | has name | has representative |

has address

Term: hasAddress
Description: Specifies address of a legal entity such as street address or pin code
Status: accepted
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J.Pandit, Paul Ryan

has contact

Term: hasContact
Description: Specifies contact details of a legal entity such as phone or email
Status: accepted
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J.Pandit, Paul Ryan

has identifier

Term: hasIdentifier
Description: Specifies an identifier for the entity such as registeration number or official ID
Status: accepted
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J.Pandit, Paul Ryan

has name

Term: hasName
Description: Specifies name of a legal entity
Status: accepted
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J.Pandit, Paul Ryan

has representative

Term: hasRepresentative
Description: Specifies representative of the legal entity
Status: accepted
Created:
Contributor(s): Beatriz Esteves, Georg P Krog, Harshvardhan J.Pandit, Paul Ryan