The Data Privacy Vocabulary [[DPV]] enables expressing machine-readable metadata about the use and processing of personal data based on legislative requirements such as the General Data Protection Regulation [[GDPR]]. This document describes the DPV specification along with its data model. The canonical URL for DPV is https://w3id.org/dpv which contains (this) specification. The namespace for DPV terms is https://w3id.org/dpv#, the suggested prefix is dpv, and this document along with source and releases are available at https://github.com/w3c/dpv.

The DPVCG is currently updating the specifications to v2. This document is a draft and may change as part of this process.

Contributing: The DPVCG welcomes participation to improve the DPV and associated resources, including expansion or refinement of concepts, requesting information and applications, and addressing open issues. See contributing page for further information.

DPV and Related Resources

[[[DPV]]]: is the base/core specification for the 'Data Privacy Vocabulary', which is extended for Personal Data [[PD]], Locations [[LOC]], Risk Management [[RISK]], Technology [[TECH]], and [[AI]]. Specific [[LEGAL]] extensions are also provided which model jurisdiction specific regulations and concepts - see the complete list of extensions. To support understanding and applications of [[DPV]], various guides and resources [[GUIDES]] are provided, including a [[PRIMER]].

[[DPV]] and related resources are published on GitHub. For a general overview of the Data Protection Vocabularies and Controls Community Group [[DPVCG]], its history, deliverables, and activities - refer to DPVCG Website. For meetings, see the DPVCG calendar.

The peer-reviewed article “Creating A Vocabulary for Data Privacy” presents a historical overview of the DPVCG, and describes the methodology and structure of the DPV along with describing its creation. An open-access version can be accessed here, here, and here. The article preprint Data Privacy Vocabulary (DPV) - Version 2 describes the changes made in DPV v2.

Introduction

Semantics

This document assumes the reader is familiar with DPV through the [[[PRIMER]]], and thus focuses on providing a topically structured documentation of concepts defined by DPV.

DPV's terms are defined using [[RDFS]] & [[SKOS]] semantics where all 'classes' and 'properties' are defined as skos:Concept in addition to rdfs:Class and rdf:Property respectively. For taxonomies or hierarchies, concepts are defined as 'instances' of a top-concept, and relationships within the hierarchy are defined using skos:broader/skos:narrower. For example, [=Purpose=] is the top concept within the purposes taxonomy, and all purposes are instances of it. [=ServiceProvision=] is the purpose associated with 'service provision', and [=RequestedServiceProvision=] as a more specific purpose is associated with it using skos:broader.

[[OWL]] is an alternate serialisation of DPV where the same concepts are defined using [[OWL]] semantics for use with OWL-based reasoners. The conversion from SKOS to OWL follows the best practices and concerns outlined in [[[SKOS-OWL]]], e.g. by replacing skos:Concept with owl:Class, and using rdfs:subClassOf instead of skos:broader/skos:narrower.

DPV consists of certain 'core concepts' that are intended to be independent representations of specific information, and are distinct from other core concepts. For example, the [=Purpose=] refers only to the purpose of why personal data is processed and is independent as a concept from the other concepts (e.g. [=PersonalData=] or [=LegalBasis=]). The structuring of DPV is based on providing rich and comprehensive taxonomies that group concepts together based on each core concept, e.g. taxonomy of purposes, taxonomy of legal basis. 'Extensions' are a separate group of concepts that expand the 'core' vocabulary to represent specific information e.g. [[PD]] for personal data categories and [[RISK]] for risk management.

Core Vocabulary

DPV core vocabulary
Overview of concepts in DPV

The 'Core' concepts and relationships in DPV represent and associate relevant information regarding the what, how, where, who, why of personal data and its processing. These are:

Concept Relation
[=PersonalData=] [=hasPersonalData=]
[=Purpose=] [=hasPurpose=]
[=Processing=] [=hasProcessing=]
[=DataController=] [=hasDataController=]
[=DataSubject=] [=hasDataSubject=]
[=Recipient=] [=hasRecipient=]
[=TechnicalOrganisationalMeasure=] [=hasTechnicalOrganisationalMeasure=]
[=LegalBasis=] [=hasLegalBasis=]
[=Right=] [=hasRight=]
[=Risk=] [=hasRisk=]
[=Context=] [=hasContext=]

To 'group' these concepts together within a specific use-case, the concept [=Process=] and relation [=hasProcess=] are useful (the concept [=PersonalDataHandling=] was used in earlier versions for the same). For example, a 'process' about a specific application can represent the associated purposes, personal data, legal basis, etc. using the relations and provided taxonomies. For a detailed representation, the following specialisations of processes are provided to indicate e.g. the process is or is not expected to involve personal data:

  • dpv:NonPersonalDataProcess: An action, activity, or method involving non-personal data, and asserting that no personal data is involved go to full definition
  • dpv:PersonalDataHandling: An abstract concept describing 'personal data handling' go to full definition
  • dpv:PersonalDataProcess: An action, activity, or method involving personal data go to full definition
  • dpv:Service: A service is a process where one entity provides some benefit or assistance to another entity go to full definition

Taxonomies

The rest of the document expands on the core concepts through the following taxonomies.

Process

Entities

Please refer to entities page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the entities concepts.

DPV relies on existing well-founded interpretations for its concepts, which in this case relate to Entity as a generic universal concept and LegalEntity specifically referring to roles defined legally or within legal norms. Expanding on these, DPV provides a taxonomy of entities based on their application within laws and use-cases in the form of Legal roles, such as [=DataController=], [=DataSubject=], and [=Authority=]. Later, these concepts are expanded into taxonomies for different kinds of entities categorised under a common concept. For example, categories of Data Subjects such as [=Adult=], [=User=], or [=Employee=]; or kinds of Authorities, or categories of Organisations.

Legal Roles

Legal Role is the role taken on by a legal entity based on definitions or criterias from laws, regulations, or other such normative sources. Legal roles assist in representing the role and responsibility of an entity within the context of processing, and from this to determine the requirements and obligations that should apply, and their compliance or conformance.

  • dpv:DataController: The individual or organisation that decides (or controls) the purpose(s) of processing personal data. go to full definition
    • dpv:JointDataControllers: A group of Data Controllers that jointly determine the purposes and means of processing go to full definition
  • dpv:DataExporter: An entity that 'exports' data where exporting is considered a form of data transfer go to full definition
  • dpv:Recipient: Entities that receive data or technologies go to full definition
    • dpv:DataImporter: An entity that 'imports' data where importing is considered a form of data transfer go to full definition
    • dpv:DataProcessor: A ‘processor’ means a natural or legal person, public authority, agency or other body which processes data on behalf of the controller. go to full definition
      • dpv:DataSubProcessor: A 'sub-processor' is a processor engaged by another processor go to full definition
    • dpv:ThirdParty: A ‘third party’ means any natural or legal person other than - the entities directly involved or operating under those directly involved in a process go to full definition
  • dpv:ServiceConsumer: The entity that consumes or receives the service go to full definition
  • dpv:ServiceProvider: The entity that provides a service go to full definition

Authorities

The concept [=Authority=] is a specific Governmental Organisation authorised to enforce a law or regulation. Authorities can be associated with a specific domain, topic, or jurisdiction. DPV currently defines regional authorities for [=NationalAuthority=], [=RegionalAuthority=], and [=SupraNationalAuthority=], and [=DataProtectionAuthority=] represents authorities associated with data protection and privacy. To associate authorities with concepts, the relations [=hasAuthority=] and [=isAuthorityFor=] are provided.

  • dpv:DataProtectionAuthority: An authority tasked with overseeing legal compliance regarding privacy and data protection laws. go to full definition
  • dpv:NationalAuthority: An authority tasked with overseeing legal compliance for a nation go to full definition
  • dpv:RegionalAuthority: An authority tasked with overseeing legal compliance for a region go to full definition
  • dpv:SupraNationalAuthority: An authority tasked with overseeing legal compliance for a supra-national union e.g. EU go to full definition

Organisation

  • dpv:AcademicScientificOrganisation: Organisations related to academia or scientific pursuits e.g. Universities, Schools, Research Bodies go to full definition
  • dpv:ForProfitOrganisation: An organisation that aims to achieve profit as its primary goal go to full definition
  • dpv:GovernmentalOrganisation: An organisation managed or part of government go to full definition
  • dpv:IndustryConsortium: A consortium established and comprising on industry organisations go to full definition
  • dpv:InternationalOrganisation: An organisation and its subordinate bodies governed by public international law, or any other body which is set up by, or on the basis of, an agreement between two or more countries go to full definition
  • dpv:NonGovernmentalOrganisation: An organisation not part of or independent from the government go to full definition
  • dpv:NonProfitOrganisation: An organisation that does not aim to achieve profit as its primary goal go to full definition

Data Subjects

DPV provides a taxonomy of data subject types to assist with describing what kind of individuals or groups are associated with an use-case. Some examples of such types are agency-based roles: [=Adult=] and [=Child=], [=ParentOfDataSubject=], [=GuardianOfDataSubject=]; those associated with vulnerability: [=VulnerableDataSubject=], [=ElderlyDataSubject=], [=AsylumSeeker=]; domain-specific roles such as [=Patient=], [=Employee=], [=Student=], jurisdictional roles such as [=Citizen=], [=NonCitizen=], [=Immigrant=]; and general roles such as [=User=], [=Member=], [=Participant=], and [=Client=].

Purposes

Overview of Purpose taxonomy in DPV (click to open in new window)

Please refer to purposes page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the purposes concepts.

DPV’s taxonomy of purposes is used to represent the reason or justification for processing of personal data. For this, purposes are organised within DPV based on how they relate to the processing of personal data in terms of several factors, such as: management functions related to information (e.g. records, account, finance), fulfilment of objectives (e.g. delivery of goods), providing goods and services (e.g. service provision), intended benefits (e.g. optimisations for service provider or consumer), and legal compliance.

DPV provides a taxonomy of Purpose instances for use with [=hasPurpose=] relation. In addition, DPV also defines the concept [=Sector=] (associated using [=hasSector=]) to indicate a contextual interpretation of the purpose within a specified sector.

Data & Personal Data

Please refer to personal data page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the personal data concepts.

DPV provides the concept [=PersonalData=] and the relation [=hasPersonalData=] to indicate what categories or instances of personal data are being processed. The DPV specification only provides a structure for describing personal data, e.g. as being sensitive. For specific categories of personal data for use-cases, [[[PD]]] provides additional concepts that extend the DPV's personal data taxonomy. This separation is to enable adopters to decide whether the extension's concepts are useful to them, or to use other external vocabularies, or define their own.

In addition to Personal Data, there may be a need to represent Non-Personal Data within the same contextual use-cases. For this, DPV provides the concepts [=Data=], [=NonPersonalData=] and [=SyntheticData=].

To indicate data categorised based on [=DataSource=], e.g. as "collected personal data", DPV provides: [=CollectedPersonalData=], [=DerivedPersonalData=], [=InferredPersonalData=], [=GeneratedPersonalData=], and [=ObservedPersonalData=].

For indicating personal data which is sensitive, the concept [=SensitivePersonalData=] is provided. For indicating special categories of data, the concept [=SpecialCategoryPersonalData=] is provided. In this, the concept sensitive indicates that the data needs additional considerations (and perhaps caution) when processing, such as by increasing its security, reducing usage, or performing impact assessments. Special categories, by contrast, are a 'special' type of sensitive personal data requiring additional considerations or obligations defined in laws (or through other forms) that regulate how they should be used or prohibit their use until specific obligations are met.

To specify data is anonymised, DPV provides two concepts. [=AnonymisedData=] for when data is completely anonymised and cannot be de-anonymised, which is a subtype of [=NonPersonalData=]. And, [=PseudonymisedData=] for when data has only been partially anonymised or de-anonymisation is possible, which is a subtype of [=PersonalData=].

DPV defines the following concepts for expressing information about data:

Processing

Please refer to processing page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the processing concepts.

DPV’s taxonomy of processing concepts reflects the variety of terms used to denote processing activities or operations involving personal data, such as those from [GDPR] Article.4-2 definition of processing. Real-world use of terms associated with processing rarely uses this same wording or terms, except in cases of specific domains and in legal documentation. On the other hand, common terms associated with processing are generally restricted to: collect, use, store, share, and delete.

DPV provides a taxonomy that aligns both the legal terminologies such as those defined by GDPR with those commonly used. For this, concepts are organised based on whether they subsume other concepts, e.g. Use is a broad concept indicating data is used, which DPV extends to define specific processing concepts for Analyse, Consult, Profiling, and Retrieving. Through this mechanism, whenever an use-case indicates it consults some data, it can be inferred that it also uses that data.

For concepts related to expressing contextual information associated with processing, such as storage conditions, automation, scale, see Processing Context and Processing Scale sections.

Processing Context

Please refer to processing context page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the processing context concepts.

Storage Conditions, Automation

This taxonomy provides concepts for representing information about storage conditions, e.g. how long the data will be stored for, its erasure, or its restoration. It also enables representing the source(s) of data, the use of automation, and the extent of human involvement within the automation.

The processing taxonomy uses the concept [=Store=] to indicate data is being stored. To specify additionally information such as its location, erasure or deletion, the generic concepts and relations associated with processing (i.e. location and duration) can be used. However, to emphasise that information about storage - such as policies, conditions, rules, or documentation - are critical on considerations of data protection and privacy as well as legal compliance, DPV provide specific concepts related to these.

The concept [=StorageCondition=] and the relation [=hasStorageCondition=] represent the general or abstract conditions associated with storage of data. This is specialised to indicate [=StorageDuration=], [=StorageDeletion=], [=StorageRestoration=], and [=StorageLocation=]. This enables a document to directly specify information such as: "storage duration is 6 months" or "storage restoration uses 3 geo-distinct backup servers".

For declaring the source of data, the [=DataSource=] concept along with [=hasDataSource=] relationship is provided to indicate where the data is collected or acquired from. For example, data can be obtained from the data subject directly (e.g. given via forms) or indirectly (e.g observed from activity, or inferred from existing data), or from another entity such as a third party.

DPV provides AutomationOfProcessing to represent the degree of automation, and the relation hasProcessingAutomation to associate it with contextual concepts. The degrees of automation are represented by FullyAutomatedProcessing, PartiallyAutomatedProcessing, and CompletelyManualProcessing.

To represent how humans are involved, the concept [=HumanInvolvement=] and relation [=hasHumanInvolvement=] are provided. Specific types of [=HumanInvolvement=] include [=HumanInvolvementForOversight=], and [=HumanInvolvementForVerification=].

To indicate more specific applications: [=DecisionMaking=] and [=AutomatedDecisionMaking=] refer to use of processing to make decisions, [=AlgorithmicLogic=] for explaining the use of algorithms and specifics of processing logic, [=EvaluationScoring=] to indicate the processing evaluates or assigns scores (or metrics), [=InnovativeUseOfNewTechnologies=] to indicate there are innovative uses of novel technologies, and [=SystematicMonitoring=] to indicate the processing performs a systematic (or systemic) monitoring. These additional concepts are intended to model areas or topics that are considered sensitive or high-risk or require caution.

  • dpv:AlgorithmicLogic: The algorithmic logic applied or used go to full definition
  • dpv:AutomationLevel: Indication of degree or level of automation associated with specified context go to full definition
    • dpv:AssistiveAutomation: Level of automation corresponding to Level 1 in ISO/IEC 22989:2022 where automation is limited to parts of the system or a specific part of the system in a manner that does not change the control of the human in using/driving the system go to full definition
    • dpv:Autonomous: Level of automation corresponding to Level 6 in ISO/IEC 22989:2022 where the automation in system is capable of modifying its operation domain or its goals without external intervention, control or oversight go to full definition
    • dpv:ConditionalAutomation: Level of automation corresponding to Level 3 in ISO/IEC 22989:2022 where the automation is sufficient to perform most tasks of the system with the human present to take over where necessary go to full definition
    • dpv:FullAutomation: Level of automation corresponding to Level 5 in ISO/IEC 22989:2022 where the automation in system is capable of performing all its tasks regardless of the conditions without human involvement go to full definition
    • dpv:HighAutomation: Level of automation corresponding to Level 4 in ISO/IEC 22989:2022 where the automation in system is capable of performing all its tasks within specific controlled conditions without human involvement go to full definition
    • dpv:NotAutomated: Level of automation corresponding to Level 0 in ISO/IEC 22989:2022 where there is no automation in the system go to full definition
    • dpv:PartialAutomation: Level of automation corresponding to Level 2 in ISO/IEC 22989:2022 where the automation is present in multiple parts of the system or in a manner that does not require the human to contro/use these parts while still retaining control over the system go to full definition
  • dpv:DataSource: The source or origin of data go to full definition
    • dpv:DataControllerDataSource: Data Sourced from Data Controller(s), e.g. a Controller inferring data or generating data go to full definition
    • dpv:DataSubjectDataSource: Data Sourced from Data Subject(s), e.g. when data is collected via a form or observed from their activities go to full definition
    • dpv:NonPublicDataSource: A source of data that is not publicly accessible or available go to full definition
    • dpv:PublicDataSource: A source of data that is publicly accessible or available go to full definition
    • dpv:ThirdPartyDataSource: Data Sourced from a Third Party, e.g. when data is collected from an entity that is neither the Controller nor the Data Subject go to full definition
  • dpv:DecisionMaking: Processing that involves decision making go to full definition
  • dpv:EntityInvolvement: Involvement of an entity in specific context go to full definition
    • dpv:EntityActiveInvolvement: Involvement where entity is 'actively' involved go to full definition
    • dpv:EntityNonPermissiveInvolvement: Involvement of an entity in specific context where it is not permitted or able to do something go to full definition
      • dpv:CannotChallengeProcess: Involvement where entity cannot challenge the process of specified context go to full definition
      • dpv:CannotChallengeProcessInput: Involvement where entity cannot challenge input of specified context go to full definition
      • dpv:CannotChallengeProcessOutput: Involvement where entity cannot challenge the output of specified context go to full definition
      • dpv:CannotCorrectProcess: Involvement where entity cannot correct the process of specified context go to full definition
      • dpv:CannotCorrectProcessInput: Involvement where entity cannot correct input of specified context go to full definition
      • dpv:CannotCorrectProcessOutput: Involvement where entity cannot correct the output of specified context go to full definition
      • dpv:CannotObjectToProcess: Involvement where entity cannot object to process of specified context go to full definition
      • dpv:CannotOptInToProcess: Involvement where entity cannot opt-in to specified context go to full definition
      • dpv:CannotOptOutFromProcess: Involvement where entity cannot opt-out from specified context go to full definition
      • dpv:CannotReverseProcessEffects: Involvement where entity cannot reverse effects of specified context go to full definition
      • dpv:CannotReverseProcessInput: Involvement where entity cannot reverse input of specified context go to full definition
      • dpv:CannotReverseProcessOutput: Involvement where entity cannot reverse output of specified context go to full definition
      • dpv:CannotWithdrawFromProcess: Involvement where entity cannot withdraw a previously given assent from specified context go to full definition
    • dpv:EntityPassiveInvolvement: Involvement where entity is 'passively' or 'not actively' involved go to full definition
    • dpv:EntityPermissiveInvolvement: Involvement of an entity in specific context where it is permitted or able to do something go to full definition
      • dpv:ChallengingProcess: Involvement where entity can challenge the process of specified context go to full definition
      • dpv:ChallengingProcessInput: Involvement where entity can challenge input of specified context go to full definition
      • dpv:ChallengingProcessOutput: Involvement where entity can challenge the output of specified context go to full definition
      • dpv:CorrectingProcess: Involvement where entity can correct the process of specified context go to full definition
      • dpv:CorrectingProcessInput: Involvement where entity can correct input of specified context go to full definition
      • dpv:CorrectingProcessOutput: Involvement where entity can correct the output of specified context go to full definition
      • dpv:ObjectingToProcess: Involvement where entity can object to process of specified context go to full definition
      • dpv:OptingInToProcess: Involvement where entity can opt-in to specified context go to full definition
      • dpv:OptingOutFromProcess: Involvement where entity can opt-out from specified context go to full definition
      • dpv:ReversingProcessEffects: Involvement where entity can reverse effects of specified context go to full definition
      • dpv:ReversingProcessInput: Involvement where entity can reverse input of specified context go to full definition
      • dpv:ReversingProcessOutput: Involvement where entity can reverse output of specified context go to full definition
      • dpv:WithdrawingFromProcess: Involvement where entity can withdraw a previously given assent from specified context go to full definition
    • dpv:HumanInvolvement: The involvement of humans in specified context go to full definition
      • dpv:HumanInvolved: Humans are involved in the specified context go to full definition
      • dpv:HumanInvolvementForControl: Human involvement for the purposes of exercising control over the specified operations in context go to full definition
      • dpv:HumanInvolvementForDecision: Human involvement for the purposes of exercising decisions over the specified operations in context go to full definition
      • dpv:HumanInvolvementForInput: Human involvement for the purposes of providing inputs to the specified context go to full definition
      • dpv:HumanInvolvementForIntervention: Human involvement for the purposes of exercising interventions over the specified operations in context go to full definition
      • dpv:HumanInvolvementForOversight: Human involvement for the purposes of having oversight over the specified context regarding its operations, inputs, or outputs go to full definition
      • dpv:HumanInvolvementForVerification: Human involvement for the purposes of verification of specified context to ensure its operations, inputs, or outputs are correct or are acceptable. go to full definition
      • dpv:HumanNotInvolved: Humans are not involved in the specified context go to full definition
  • dpv:EvaluationScoring: Processing that involves evaluation and scoring of individuals go to full definition
  • dpv:InnovativeUseOfTechnology: Indicates that technology is being used in an innovative manner go to full definition
    • dpv:InnovativeUseOfExistingTechnology: Involvement of existing technologies used in an innovative manner go to full definition
    • dpv:InnovativeUseOfNewTechnologies: Involvement of a new (innovative) technologies go to full definition
  • dpv:ProcessingCondition: Conditions required or followed regarding processing of data or use of technologies go to full definition
    • dpv:ProcessingDuration: Duration or temporal limitation for processing go to full definition
    • dpv:ProcessingLocation: Location or geospatial scope where processing takes places go to full definition
    • dpv:StorageCondition: Conditions required or followed regarding storage of data go to full definition
      • dpv:StorageDeletion: Deletion or Erasure of data including any deletion guarantees go to full definition
      • dpv:StorageDuration: Duration or temporal limitation on storage of data go to full definition
      • dpv:StorageLocation: Location or geospatial scope where the data is stored go to full definition
      • dpv:StorageRestoration: Regularity and temporal span of data restoration/backup mechanisms that guarantee that data is preserved go to full definition
  • dpv:SystematicMonitoring: Processing that involves systematic monitoring of individuals go to full definition

Scale of Processing

DPV provides (qualitative) scales for expressing Data Volume, Data subjects, and Geographical Coverage of processing. Along with these, DPV also provides a Processing Scale to express combinations of these. NOTE: The actual meaning or quantified amounts for each concept are not defined due to their interpretation based on contextual factors such as legislations, guidelines, domains, and variations across industries.

  • dpv:DataSubjectScale: Scale of Data Subject(s) go to full definition
    • dpv:HugeScaleOfDataSubjects: Scale of data subjects considered huge or more than large within the context go to full definition
    • dpv:LargeScaleOfDataSubjects: Scale of data subjects considered large within the context go to full definition
    • dpv:MediumScaleOfDataSubjects: Scale of data subjects considered medium i.e. neither large nor small within the context go to full definition
    • dpv:SingularScaleOfDataSubjects: Scale of data subjects considered singular i.e. a specific data subject go to full definition
    • dpv:SmallScaleOfDataSubjects: Scale of data subjects considered small or limited within the context go to full definition
    • dpv:SporadicScaleOfDataSubjects: Scale of data subjects considered sporadic or sparse within the context go to full definition
  • dpv:DataVolume: Volume or Scale of Data go to full definition
    • dpv:HugeDataVolume: Data volume that is considered huge or more than large within the context go to full definition
    • dpv:LargeDataVolume: Data volume that is considered large within the context go to full definition
    • dpv:MediumDataVolume: Data volume that is considered medium i.e. neither large nor small within the context go to full definition
    • dpv:SingularDataVolume: Data volume that is considered singular i.e. a specific instance or single item go to full definition
    • dpv:SmallDataVolume: Data volume that is considered small or limited within the context go to full definition
    • dpv:SporadicDataVolume: Data volume that is considered sporadic or sparse within the context go to full definition
  • dpv:GeographicCoverage: Indicate of scale in terms of geographic coverage go to full definition
  • dpv:ProcessingScale: Scale of Processing go to full definition
    • dpv:LargeScaleProcessing: Processing that takes place at large scales (as specified by some criteria) go to full definition
    • dpv:MediumScaleProcessing: Processing that takes place at medium scales (as specified by some criteria) go to full definition
    • dpv:SmallScaleProcessing: Processing that takes place at small scales (as specified by some criteria) go to full definition

Tech/Org Measures

Overview of Technical & Organisational Measures taxonomy in DPV (click to open in new window)

Please refer to Tech & Org measures page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the Tech & Org measures concepts.

DPV's taxonomy of tech/org measures are structured into two groups representing and [=TechnicalMeasure=] and [=OrganisationalMeasure=] along with specific properties for each. Each term has a dedicated taxonomy that expands upon the core idea to provide a rich list of technial and organisational measures that are intended to protect personal data (and its associated entities and consequences).

This taxonomy also includes relations that are associated with measures, such as [=hasNotice=] or [=hasPolicy=], which are generic and can be applied to other contexts (e.g. notice for consent, policy for data storage).

Technical Measures

Overview of Technical Measures taxonomy in DPV (click to open in new window)
  • dpv:AccessControlMethod: Methods which restrict access to a place or resource go to full definition
    • dpv:UsageControl: Management of usage, which is intended to be broader than access control and may cover trust, digital rights, or other relevant controls go to full definition
  • dpv:ActivityMonitoring: Monitoring of activities including assessing whether they have been successfully initiated and completed go to full definition
  • dpv:AuthenticationProtocols: Protocols involving validation of identity i.e. authentication of a person or information go to full definition
    • dpv:BiometricAuthentication: Use of biometric data for authentication go to full definition
    • dpv:CryptographicAuthentication: Use of cryptography for authentication go to full definition
      • dpv:Authentication-ABC: Use of Attribute Based Credentials (ABC) to perform and manage authentication go to full definition
      • dpv:Authentication-PABC: Use of Privacy-enhancing Attribute Based Credentials (ABC) to perform and manage authentication go to full definition
      • dpv:HashMessageAuthenticationCode: Use of HMAC where message authentication code (MAC) utilise a cryptographic hash function and a secret cryptographic key go to full definition
      • dpv:MessageAuthenticationCodes: Use of cryptographic methods to authenticate messages go to full definition
    • dpv:MultiFactorAuthentication: An authentication system that uses two or more methods to authenticate go to full definition
    • dpv:PasswordAuthentication: Use of passwords to perform authentication go to full definition
    • dpv:SingleSignOn: Use of credentials or processes that enable using one set of credentials to authenticate multiple contexts. go to full definition
    • dpv:ZeroKnowledgeAuthentication: Authentication using Zero-Knowledge proofs go to full definition
  • dpv:AuthorisationProtocols: Protocols involving authorisation of roles or profiles to determine permission, rights, or privileges go to full definition
  • dpv:CryptographicMethods: Use of cryptographic methods to perform tasks go to full definition
    • dpv:AsymmetricCryptography: Use of public-key cryptography or asymmetric cryptography involving a public and private pair of keys go to full definition
    • dpv:CryptographicAuthentication: Use of cryptography for authentication go to full definition
      • dpv:Authentication-ABC: Use of Attribute Based Credentials (ABC) to perform and manage authentication go to full definition
      • dpv:Authentication-PABC: Use of Privacy-enhancing Attribute Based Credentials (ABC) to perform and manage authentication go to full definition
      • dpv:HashMessageAuthenticationCode: Use of HMAC where message authentication code (MAC) utilise a cryptographic hash function and a secret cryptographic key go to full definition
      • dpv:MessageAuthenticationCodes: Use of cryptographic methods to authenticate messages go to full definition
    • dpv:CryptographicKeyManagement: Management of cryptographic keys, including their generation, storage, assessment, and safekeeping go to full definition
    • dpv:DifferentialPrivacy: Utilisation of differential privacy where information is shared as patterns or groups to withhold individual elements go to full definition
    • dpv:DigitalSignatures: Expression and authentication of identity through digital information containing cryptographic signatures go to full definition
    • dpv:HashFunctions: Use of hash functions to map information or to retrieve a prior categorisation go to full definition
    • dpv:HomomorphicEncryption: Use of Homomorphic encryption that permits computations on encrypted data without decrypting it go to full definition
    • dpv:PostQuantumCryptography: Use of algorithms that are intended to be secure against cryptanalytic attack by a quantum computer go to full definition
    • dpv:PrivacyPreservingProtocol: Use of protocols designed with the intention of provided additional guarantees regarding privacy go to full definition
    • dpv:PrivateInformationRetrieval: Use of cryptographic methods to retrieve a record from a system without revealing which record is retrieved go to full definition
    • dpv:QuantumCryptography: Cryptographic methods that utilise quantum mechanical properties to perform cryptographic tasks go to full definition
    • dpv:SecretSharingSchemes: Use of secret sharing schemes where the secret can only be reconstructed through combination of sufficient number of individuals go to full definition
    • dpv:SecureMultiPartyComputation: Use of cryptographic methods for entities to jointly compute functions without revealing inputs go to full definition
    • dpv:SymmetricCryptography: Use of cryptography where the same keys are utilised for encryption and decryption of information go to full definition
    • dpv:TrustedComputing: Use of cryptographic methods to restrict access and execution to trusted parties and code go to full definition
    • dpv:TrustedExecutionEnvironment: Use of cryptographic methods to restrict access and execution to trusted parties and code within a dedicated execution environment go to full definition
    • dpv:ZeroKnowledgeAuthentication: Authentication using Zero-Knowledge proofs go to full definition
  • dpv:DataBackupProtocols: Protocols or plans for backing up of data go to full definition
  • dpv:DataSanitisationTechnique: Cleaning or any removal or re-organisation of elements in data based on selective criteria go to full definition
    • dpv:DataRedaction: Removal of sensitive information from a data or document go to full definition
    • dpv:Deidentification: Removal of identity or information to reduce identifiability go to full definition
      • dpv:Anonymisation: Anonymisation is the process by which data is irreversibly altered in such a way that a data subject can no longer be identified directly or indirectly, either by the entity holding the data alone or in collaboration with other entities and information sources go to full definition
      • dpv:Pseudonymisation: Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person; go to full definition
        • dpv:DeterministicPseudonymisation: Pseudonymisation achieved through a deterministic function go to full definition
        • dpv:DocumentRandomisedPseudonymisation: Use of randomised pseudonymisation where the same elements are assigned different values in the same document or database go to full definition
        • dpv:FullyRandomisedPseudonymisation: Use of randomised pseudonymisation where the same elements are assigned different values each time they occur go to full definition
        • dpv:MonotonicCounterPseudonymisation: A simple pseudonymisation method where identifiers are substituted by a number chosen by a monotonic counter go to full definition
        • dpv:RNGPseudonymisation: A pseudonymisation method where identifiers are substituted by a number chosen by a Random Number Generator (RNG) go to full definition
  • dpv:DigitalRightsManagement: Management of access, use, and other operations associated with digital content go to full definition
  • dpv:Encryption: Technical measures consisting of encryption go to full definition
    • dpv:AsymmetricEncryption: Use of asymmetric cryptography to encrypt data go to full definition
    • dpv:EncryptionAtRest: Encryption of data when being stored (persistent encryption) go to full definition
    • dpv:EncryptionInTransfer: Encryption of data in transit e.g. when being transferred from one location to another, including sharing go to full definition
    • dpv:EncryptionInUse: Encryption of data when it is being used go to full definition
    • dpv:EndToEndEncryption: Encrypted communications where data is encrypted by the sender and decrypted by the intended receiver to prevent access to any third party go to full definition
    • dpv:SymmetricEncryption: Use of symmetric cryptography to encrypt data go to full definition
  • dpv:InformationFlowControl: Use of measures to control information flows go to full definition
  • dpv:SecurityMethod: Methods that relate to creating and providing security go to full definition
    • dpv:DistributedSystemSecurity: Security implementations provided using or over a distributed system go to full definition
    • dpv:DocumentSecurity: Security measures enacted over documents to protect against tampering or restrict access go to full definition
    • dpv:FileSystemSecurity: Security implemented over a file system go to full definition
    • dpv:HardwareSecurityProtocols: Security protocols implemented at or within hardware go to full definition
    • dpv:IntrusionDetectionSystem: Use of measures to detect intrusions and other unauthorised attempts to gain access to a system go to full definition
    • dpv:MobilePlatformSecurity: Security implemented over a mobile platform go to full definition
    • dpv:NetworkProxyRouting: Use of network routing using proxy go to full definition
    • dpv:NetworkSecurityProtocols: Security implemented at or over networks protocols go to full definition
    • dpv:OperatingSystemSecurity: Security implemented at or through operating systems go to full definition
    • dpv:PenetrationTestingMethods: Use of penetration testing to identify weaknesses and vulnerabilities through simulations go to full definition
    • dpv:UseSyntheticData: Use of synthetic data to preserve privacy, security, or other effects and side-effects go to full definition
    • dpv:VirtualisationSecurity: Security implemented at or through virtualised environments go to full definition
    • dpv:VulnerabilityTestingMethods: Methods that assess or discover vulnerabilities in a system go to full definition
    • dpv:WebBrowserSecurity: Security implemented at or over web browsers go to full definition
    • dpv:WebSecurityProtocols: Security implemented at or over web-based protocols go to full definition
    • dpv:WirelessSecurityProtocols: Security implemented at or over wireless communication protocols go to full definition

Organisational Measures

Overview of Organisational Measures taxonomy in DPV (click to open in new window)
  • dpv:Assessment: The document, plan, or process for assessment or determination towards a purpose e.g. assessment of legality or impact assessments go to full definition
    • dpv:ComplianceAssessment: Assessment regarding compliance (e.g. internal policy, regulations) go to full definition
    • dpv:ConformanceAssessment: Assessment regarding conformance with standards or norms or guidelines or similar instruments go to full definition
    • dpv:DataInteroperabilityAssessment: Measures associated with assessment of data interoperability go to full definition
    • dpv:DataQualityAssessment: Measures associated with assessment of data quality go to full definition
    • dpv:EffectivenessDeterminationProcedures: Procedures intended to determine effectiveness of other measures go to full definition
    • dpv:LegitimateInterestAssessment: Indicates an assessment regarding the use of legitimate interest as a lawful basis by the data controller go to full definition
  • dpv:CertificationSeal: Certifications, seals, and marks indicating compliance to regulations or practices go to full definition
    • dpv:Certification: Certification mechanisms, seals, and marks for the purpose of demonstrating compliance go to full definition
    • dpv:Seal: A seal or a mark indicating proof of certification to some certification or standard go to full definition
  • dpv:Consultation: Consultation is a process of receiving feedback, advice, or opinion from an external agency go to full definition
    • dpv:ConsultationWithAuthority: Consultation with an authority or authoritative entity go to full definition
    • dpv:ConsultationWithDataSubject: Consultation with data subject(s) or their representative(s) go to full definition
      • dpv:ConsultationWithDataSubjectRepresentative: Consultation with representative of data subject(s) go to full definition
    • dpv:ConsultationWithDPO: Consultation with Data Protection Officer(s) go to full definition
  • dpv:DigitalLiteracy: Providing skills, knowledge, and understanding to enable reading, writing, analysing, reasoning, and communicating regarding digital technologies and their implications go to full definition
    • dpv:AILiteracy: Providing skills, knowledge, and understanding to enable reading, writing, analysing, reasoning, and communicating regarding AI go to full definition
    • dpv:DataLiteracy: Providing skills, knowledge, and understanding to enable reading, writing, analysing, reasoning, and communicating regarding data go to full definition
  • dpv:GovernanceProcedures: Procedures related to governance (e.g. organisation, unit, team, process, system) go to full definition
    • dpv:AssetManagementProcedures: Procedures related to management of assets go to full definition
    • dpv:ComplianceMonitoring: Monitoring of compliance (e.g. internal policy, regulations) go to full definition
    • dpv:DisasterRecoveryProcedures: Procedures related to management of disasters and recovery go to full definition
    • dpv:IncidentManagementProcedures: Procedures related to management of incidents go to full definition
    • dpv:IncidentReportingCommunication: Procedures related to management of incident reporting go to full definition
    • dpv:Policy: A guidance document outlining any of: procedures, plans, principles, decisions, intent, or protocols. go to full definition
    • dpv:ReviewProcedure: A procedure or process that reviews the correctness and validity of other procedures and policies e.g. to ensure continued validity, adequacy for intended purposes, and conformance of processes with findings go to full definition
      • dpv:ReviewImpactAssessment: Procedures to review impact assessments in terms of continued validity, adequacy for intended purposes, and conformance of processes with findings go to full definition
    • dpv:StandardsConformance: Purposes associated with activities undertaken to ensure or achieve conformance with standards go to full definition
  • dpv:GuidelinesPrinciple: Guidelines or Principles regarding processing and operational measures go to full definition
    • dpv:CodeOfConduct: A set of rules or procedures outlining the norms and practices for conducting activities go to full definition
    • dpv:DesignStandard: A set of rules or guidelines outlining criterias for design go to full definition
    • dpv:Guideline: Practices that specify how activities must be conducted go to full definition
    • dpv:Princple: A representation of values or norms that must be taken into consideration when conducting activities go to full definition
    • dpv:PrivacyByDefault: Practices regarding setting the default configurations of information and services to implement data protection and privacy (synonymous with Data Protection by Default) go to full definition
    • dpv:PrivacyByDesign: Practices regarding incorporating data protection and privacy in the design of information and services (synonymous with Data Protection by Design) go to full definition
  • dpv:Notice: A notice is an artefact for providing information, choices, or controls go to full definition
    • dpv:DataTransferNotice: Notice for the legal entity for the transfer of its data go to full definition
    • dpv:PrivacyNotice: Represents a notice or document outlining information regarding privacy go to full definition
    • dpv:SecurityIncidentNotice: A notice providing information about security incident(s) go to full definition
      • dpv:DataBreachNotifice: A notice providing information about data breach(es) i.e. unauthorised transfer, access, use, or modification of data go to full definition
  • dpv:Notification: Notification represents the provision of a notice i.e. notifying go to full definition
    • dpv:SecurityIncidentNotification: Notification of information about security incident(s) go to full definition
      • dpv:DataBreachNotification: Notification of information about data breach(es) i.e. unauthorised transfer, access, use, or modification of data go to full definition
  • dpv:RecordsOfActivities: Records of activities within some context such as maintainence tasks or governance functions go to full definition
  • dpv:RightsManagement: Methods associated with rights management where 'rights' refer to controlling who can do what with a resource go to full definition
    • dpv:DataSubjectRightsManagement: Methods to provide, implement, and exercise data subjects' rights go to full definition
    • dpv:IPRManagement: Management of Intellectual Property Rights with a view to identify and safeguard and enforce them go to full definition
    • dpv:PermissionManagement: Methods to obtain, provide, modify, and withdraw permissions alongwith maintaining a record of permissions, retrieving records, and processing changes in permission states go to full definition
      • dpv:ConsentManagement: Methods to obtain, provide, modify, and withdraw consent alongwith maintaining a record of consent, retrieving records, and processing changes in consent states go to full definition
  • dpv:Safeguard: A safeguard is a precautionary measure for the protection against or mitigation of negative effects go to full definition
    • dpv:RegulatorySandbox: Mechanism used by regulators and businesses for gauging the compatibility of regulations and innovative products, particularly in the context of digitalisation, in a controlled real-world environment with appropriate safeguards in place go to full definition
    • dpv:SafeguardForDataTransfer: Represents a safeguard used for data transfer. Can include technical or organisational measures. go to full definition
  • dpv:SecurityProcedure: Procedures associated with assessing, implementing, and evaluating security go to full definition
    • dpv:AuthorisationProcedure: Procedures for determining authorisation through permission or authority go to full definition
      • dpv:CredentialManagement: Management of credentials and their use in authorisations go to full definition
      • dpv:IdentityManagementMethod: Management of identity and identity-based processes go to full definition
    • dpv:BackgroundChecks: Procedure where the background of an entity is assessed to identity vulnerabilities and threats due to their current or intended role go to full definition
    • dpv:DataSecurityManagement: Measures associated with management of data security go to full definition
    • dpv:SecureProcessingEnvironment: A physical or virtual environment supported by organisational means that integrates security and compliance requirements and allows supervising data processing actions go to full definition
    • dpv:SecurityRoleProcedures: Procedures related to security roles go to full definition
    • dpv:ThirdPartySecurityProcedures: Procedures related to security associated with Third Parties go to full definition
  • dpv:StaffTraining: Practices and policies regarding training of staff members go to full definition
    • dpv:CybersecurityTraining: Training methods related to cybersecurity go to full definition
    • dpv:DataProtectionTraining: Training intended to increase knowledge regarding data protection go to full definition
    • dpv:EducationalTraining: Training methods that are intended to provide education on topic(s) go to full definition
    • dpv:ProfessionalTraining: Training methods that are intended to provide professional knowledge and expertise go to full definition
    • dpv:SecurityKnowledgeTraining: Training intended to increase knowledge regarding security go to full definition
  • dpv:SupportEntityDecisionMaking: Supporting entities, including individuals, in making decisions go to full definition
    • dpv:SupportContractNegotiation: Supporting entities, including individuals, with negotiating a contract and its terms and conditions go to full definition
    • dpv:SupportExchangeOfViews: Supporting inviduals and entities in exchanging views e.g. regarding data processing purposes for their best interests go to full definition
    • dpv:SupportInformedConsentDecision: Supporting individuals with making a decision regarding their informed consent go to full definition

Physical Measures

Overview of Physical Measures taxonomy in DPV (click to open in new window)
  • dpv:EnvironmentalProtection: Physical protection against environmental threats such as fire, floods, storms, etc. go to full definition
  • dpv:PhysicalAuthentication: Physical implementation of authentication e.g. by matching the person to their ID card go to full definition
  • dpv:PhysicalAuthorisation: Physical implementation of authorisation e.g. by stamping a visitor pass go to full definition
  • dpv:PhysicalDeviceSecurity: Physical protection for devices and equipment go to full definition
  • dpv:PhysicalInterceptionProtection: Physical protection against interception e.g. by posting a guard go to full definition
  • dpv:PhysicalInterruptionProtection: Physical protection against interruptions e.g. electrical supply interruption go to full definition
  • dpv:PhysicalNetworkSecurity: Physical protection for networks and networking related infrastructure e.g. by isolating networking equipments go to full definition
  • dpv:PhysicalSecureStorage: Physical protection for storage of information or equipment e.g. secure storage for files go to full definition
  • dpv:PhysicalSupplySecurity: Physically securing the supply of resources go to full definition
  • dpv:PhysicalSurveillance: Physically monitoring areas via surveillance go to full definition

General Context

Please refer to context page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the context concepts.

Duration and Frequency

To express the duration of events or operations, such as how long processing will take or the validity of consent, the concept [=Duration=] can be used. Duration is indicated using the relation [=hasDuration=], and has the following subtypes:

[=Frequency=] indicates how frequently something occurs. Statistically, this can be expressed as the combination of number of occurences and a time period, which can further be expressed as a probabilitic value or a percentage. For example, for something occuring once every year, the frequency is: 1 or 100% for 1 year. While such quantified representations are important for determining metrics and performing operations, DPV focuses on the qualitative labelling of such representations within a specific context.

The relation [=hasFrequency=] associates a frequency with a context, and can be expressed using the following subtypes:

DPV provides two subtypes of concepts to denote contextual - [=Importance=] and [=Necessity=], which can be applied to specific contexts such as [=PersonalDataHandling=], [=Purpose=], [=PersonalData=].

[=Importance=] is similar in application to [=Necessity=], and provides a way to indicate how central or significant the indicated operation(s) are to the context (e.g. to the Controller). Subtypes of importance are [=PrimaryImportance=] to indicate 'main' or 'central' or 'primary' importance, and [=SecondaryImportance=] to indicate 'auxiliary' or 'peripheral' or 'secondary' importance.

[=Necessity=] enables specifying whether the contextual information is [=Required=], is [=Optional=], or is [=NotRequired=]. These can be used to indicate, for example, which parts of processing operations (e.g. purposes, personal data) are optional, and whether a particular processing operation is required to be carried out.

  • dpv:Applicability: Concept provided to represent indication of cases where the information or context is not applicable (N/A) or not available or this is not known or determined yet. If the information is applicable and available, this concept should not be used. go to full definition
    • dpv:NotApplicable: Concept indicating the information or context is not applicable go to full definition
    • dpv:NotAvailable: Concept indicating the information or context is applicable but information is not yet available go to full definition
    • dpv:UnknownApplicability: Concept indicating information or context availability is unknown i.e. it is not known if the information exists or is applicable and therefore statements about its availability cannot be made (yet) go to full definition
  • dpv:Duration: The duration or temporal limitation go to full definition
    • dpv:EndlessDuration: Duration that is (known or intended to be) open ended or without an end go to full definition
    • dpv:FixedOccurencesDuration: Duration that takes place a fixed number of times e.g. 3 times go to full definition
    • dpv:IndeterminateDuration: Duration that is indeterminate or cannot be determined go to full definition
    • dpv:TemporalDuration: Duration that has a fixed temporal duration e.g. 6 months go to full definition
    • dpv:UntilEventDuration: Duration that takes place until a specific event occurs e.g. Account Closure go to full definition
    • dpv:UntilTimeDuration: Duration that has a fixed end date e.g. 2022-12-31 go to full definition
  • dpv:Frequency: The frequency or information about periods and repetitions in terms of recurrence. go to full definition
    • dpv:ContinousFrequency: Frequency where occurences are continous go to full definition
    • dpv:OftenFrequency: Frequency where occurences are often or frequent, but not continous go to full definition
    • dpv:SingularFrequency: Frequency where occurences are singular i.e. they take place only once go to full definition
    • dpv:SporadicFrequency: Frequency where occurences are sporadic or infrequent or sparse go to full definition
  • dpv:Importance: An indication of 'importance' within a context go to full definition
    • dpv:PrimaryImportance: Indication of 'primary' or 'main' or 'core' importance go to full definition
    • dpv:SecondaryImportance: Indication of 'secondary' or 'minor' or 'auxiliary' importance go to full definition
  • dpv:Justification: A form of documentation providing reaosns, explanations, or justifications go to full definition
  • dpv:Necessity: An indication of 'necessity' within a context go to full definition
  • dpv:Scope: Indication of the extent or range or boundaries associated with(in) a context go to full definition

Status

To assist with expressing the state or status associated with various activities, DPV provides the [=Status=] concept that can be associated contextually using the [=hasStatus=] relation. Specific subtypes are provided as [=ActivityStatus=], [=ComplianceStatus=] including [=Lawfulness=], [=AuditStatus=], [=ConformanceStatus=], and [=RequestStatus=].

[=ActivityStatus=] represents a state or status of an activity's operations and lifecycle, which includes [=ActivityProposed=], [=ActivityOngoing=], [=ActivityHalted=], [=ActivityCompleted=], and [=ActivityNotCompleted=].

[=ComplianceStatus=] represents status associated with compliance with some norms, objectives, or requirements. Types include [=Compliant=], [=PartiallyCompliant=], [=NonCompliant=], [=ComplianceViolation=], [=ComplianceUnknown=], [=ComplianceIndeterminate=]. The association with a law or objective can be specified using [=hasApplicableLaw=] or [=hasPolicy=] directly for the status or indirectly through the concept whose status is being represented.

[=Lawfulness=] represents a special type of [=ComplianceStatus=] which relates to legal compliance, or lawfulness, and has types [=Lawful=], [=Unlawful=], and [=LawfulnessUnkown=].

[=AuditStatus=] represents the state or status of an audit, where the term audit is loosely defined, and may or may not relate to legal compliance - for e.g. for impact assessments, or as part of certification, or organisational quality assurance processes. Types of audits include [=AuditApproved=], [=AuditConditionallyApproved=], [=AuditRejected=], [=AuditRequested=], [=AuditNotRequired=], and [=AuditRequired=].

[=ConformanceStatus=] represents the status of conformance, which is defined distinctly from compliance by considering voluntary association or following of a guideline, requirement, standard, or policy, and where compliance is related to the (legal or other systematically defined) conformity of a given system or use-case with rules which may dictate obligations and prohibitions that must be followed. To provide an illustrative example, consider conformance with a standard on best practices regarding security may assist in the demonstration of compliance with a legal norm requiring organisational measures of security. Types of conformance defined are: [=Conformant=] and [=NonConformant=].

[=RequestStatus=] represents the state or status of requests, which can be between entities such as data subjects and controllers regarding exercising of rights, or between controllers and processors regarding processing operations, or between authorities and controllers regarding compliance related communications. Types of request statues are: [=RequestInitiated=], [=RequestAcknowledged=], [=RequestAccepted=], [=RequestRejected=], [=RequestFulfilled=], [=RequestUnfulfilled=], [=RequestRequiresAction=], [=RequestRequiredActionPerformed=], [=RequestActionDelayed=], and [=RequestStatusQuery=].

  • dpv:ActivityStatus: Status associated with activity operations and lifecycles go to full definition
    • dpv:ActivityCompleted: State of an activity that has completed i.e. is fully in the past go to full definition
    • dpv:ActivityHalted: State of an activity that was occuring in the past, and has been halted or paused or stoped go to full definition
    • dpv:ActivityNotCompleted: State of an activity that could not be completed, but has reached some end state go to full definition
    • dpv:ActivityOngoing: State of an activity occuring in continuation i.e. currently ongoing go to full definition
    • dpv:ActivityPlanned: State of an activity being planned with concrete plans for implementation go to full definition
    • dpv:ActivityProposed: State of an activity being proposed without any concrete plans for implementation go to full definition
  • dpv:AuditStatus: Status associated with Auditing or Investigation go to full definition
  • dpv:ComplianceStatus: Status associated with Compliance with some norms, objectives, or requirements go to full definition
    • dpv:ComplianceIndeterminate: State where the status of compliance has not been fully assessed, evaluated, or determined go to full definition
    • dpv:ComplianceUnknown: State where the status of compliance is unknown go to full definition
    • dpv:ComplianceViolation: State where compliance cannot be achieved due to requirements being violated go to full definition
    • dpv:Compliant: State of being fully compliant go to full definition
    • dpv:Lawfulness: Status associated with expressing lawfullness or legal compliance go to full definition
    • dpv:NonCompliant: State of non-compliance where objectives have not been met, but have not been violated go to full definition
    • dpv:PartiallyCompliant: State of partially being compliant i.e. only some objectives have been met, and others have not been in violation go to full definition
  • dpv:ConformanceStatus: Status associated with conformance to a standard, guideline, code, or recommendation go to full definition
  • dpv:EntityInformedStatus: Status indicating whether an entity is informed or uninformed about specified context go to full definition
    • dpv:EntityInformed: Status indicating entity has been informed about specified context go to full definition
      • dpv:AuthorityInformed: Status indicating Authority has been informed about the specified context go to full definition
      • dpv:ControllerInformed: Status indicating Controller has been informed about the specified context go to full definition
      • dpv:DataSubjectInformed: Status indicating DataSubject has been informed about the specified context go to full definition
      • dpv:RecipientInformed: Status indicating Recipient has been informed about the specified context go to full definition
    • dpv:EntityUninformed: Status indicating entity is uninformed i.e. has been not been informed about specified context go to full definition
      • dpv:AuthorityUninformed: Status indicating Authority is uninformed i.e. has not been informed about the specified context go to full definition
      • dpv:ControllerUninformed: Status indicating Controller is uninformed i.e. has not been informed about the specified context go to full definition
      • dpv:DataSubjectUninformed: Status indicating DataSubject is uninformed i.e. has not been informed about the specified context go to full definition
      • dpv:RecipientUninformed: Status indicating Recipient is uninformed i.e. has not been informed about the specified context go to full definition
  • dpv:IntentionStatus: Status indicating whether the specified context was intended or unintended go to full definition
  • dpv:InvolvementStatus: Status indicating whether the involvement of specified context go to full definition
  • dpv:NotificationStatus: Status indicating whether notification(s) are planned, completed, or failed go to full definition
  • dpv:RequestStatus: Status associated with requests go to full definition

Location & Jurisdiction

Please refer to location & jurisdiction page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the location & jurisdiction concepts.

To represent location, the concept [=Location=] along with relations [=hasLocation=] is provided. For geo-political locations, the concepts such as [=Country=] and [=SupraNationalUnion=] are subtyped, with [=hasCountry=] and [=ThirdCountry=] with [=hasThirdCountry=] provided for convenience in common uses (e.g. data storage, transfers).

To define contextual location concepts, such as there being several locations, or that the location is 'local' to an event, DPV provides two concepts. [=LocationFixture=] specifies whether the location is 'fixed' or 'deterministic', with subtypes for fixed single, fixed multiple, and variable locations. [=LocationLocality=] specifies whether the location is 'local' within the context, with subtypes for local, remote, within a device, or in cloud.

To represent locations as jurisdictions, the relation [=hasJurisdiction=] is provided. The concept [=Law=] represents an official or authoritative law or regulation created by a government or an authority. To indicate applicability of laws within a jurisdiction, the relation [=hasApplicableLaw=] is provided.

The [[[LEGAL]]] provides taxonomies extending these concepts, such as to represent specific countries, their laws, authorities, memberships, adequacy decisions, and other information.

Risk and Impacts

Please refer to risk page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the risk concepts.

For risk management, DPV's provides a lightweight risk ontology based on commonly utilised concepts regarding risk mitigation and risk management. While these concepts permit rudimentary association of risks and mitigations within a use-case, it is important to note that DPV (currently) does not provide comprehensive concepts for risk management.

For more developed representations of risk assessment, mitigation, and management vocabularies, we suggest the adoption of relevant standards, such as the ISO/IEC 31000 series, and welcome contribution for their representation within DPV through [[[RISK]]].

Rights

Please refer to rights page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the rights concepts.

The concept [=Right=] represents a normative concept for what is permissible or necessary in accordance with a system such as laws. To associate rights with concepts that are relevant or within which those rights occur, the relation [=hasRight=] is used. Rights can be passive, which means they are always applicable without requiring anything to be done, or active where they require some action to be taken to initiate or exercise them. To represent these concepts, DPV uses [=PassiveRight=] and [=ActiveRight=] respectively. Rights can be applicable to different contexts or entities. To differentiate rights applicable or afforded to data subjects, the concept [=DataSubjectRight=] is used.

The information regarding hwo to exercise a right is provided through [=RightExerciseNotice=] and associated using the [=isExercisedAt=] relation. This information can specify contextual information through use of other concepts such as [=PersonalDataHandling=] to denote a necessary [=Purpose=] of [=IdentityVerification=] as part of the rights exercise.

A [=RightExerciseActivity=] represents a concrete instance of a right being exercised. It can include contextual information such as timestamps, durations, entities, etc. that can be part of record-keeping. An activity can be a single step related to rights exercise -- such as the initial request to exercise that right, or its acknowledgement, or the final step taken to fulfil the right (e.g. provide some information), or it can also be a single activity describing the entire rights exercise process(es). To collate related activities associated with a rights exercise (e.g. associated with a specific data subject or a specific request), the concept [=RightExerciseRecord=] is useful. The information provided to describe or in fulfilment of a right exercise is represented by [=RightFulfilmentNotice=] and that associated when a right exercise cannot be fulfilled is represented by [=RightNonFulfilmentNotice=].

To indicate contextual information about Right Exercise activities, DPV suggests reuse of existing relations, such as those from DPV itself and [[[DCT]]]. For example, dct:accessRights can be used to specify constraints or requirements regarding access (e.g. log in required), or dct:hasPart and dct:isPartOf to express records and its contents, dct:valid to express validity constraints on the exercising being made available, foaf:page to specify the location or provision of notice, and [=hasStatus with [=RequestStatus=] to represent the status of a rights exercise activity.

When rights require the provision of information which beyond a static common notice, for example a document personalised to the individual's information, or a dataset containing the individual's data, DPV recommends using [[[DCAT]]] to model the contents as a dcat:Resource or other relevant concepts from [[DCAT]] and [[DCT]] such as dct:format, dct:accessRights, and dct:valid.

Rules

Please refer to rules page for additional documentation, examples, references, and best practices. This document provides only a brief summary of the rules concepts.

DPV provides the concept [=Rule=] to specify requirements, constraints, and other forms of 'rules' that are associated with specific contexts (e.g., processing activities) using the relation [=hasRule=]. DPV provides three forms of Rules to represent [=Permission=], [=Prohibition=] and [=Obligation=], and their corresponding relations [=hasPermission=], [=hasProhibition=] and [=hasObligation=], to indicate a Rule that specifies whether something is permitted, prohibited or an obligation, respectively. DPV does not define additional semantics for rules and limits its scope and focus to provide a simple way to specify permissions, prohibitions, and obligations as common rules associated with personal data and its processing activities. For a more extensive and richer set of semantics and concepts to represent rules, DPVCG suggests looking towards other languages, such as [[ODRL]], [[SHACL]], and [[RuleML]] that have been developed with the specific goal of representing and applying rules. We welcome contributions for aligning DPV with these, and for providing guidance on how to complement DPV's rule-based concepts with external languages.

In representing Rules, DPV only provides the concept and does not express any inherent semantics on what those rules mean in relation to each other. For example, DPV does not express Permission to be non-compatible or disjoint from Prohibition. This is to separate the interpretation and application of rules based on the necessities of a use-case. For example, in a legal investigation it may be prudent to specify permission and prohibition can never occur together, but this may not be true if there are different legal requirements that allow a prohibition to be resolved or deferred, such as through another permission that overrides the prohibition.

DPV does not specify 'default' in relation to rules, i.e. it does not provide an interpretation of whether some rules apply automatically unless otherwise declared. For example, in declaring an instance of Personal Data Handling, the assumption is that the activities are modelled for what is happening or what is intended/planned to happen. The explicit annotation using a Permission rule adds information about whether some activity is permitted (and its associated information). Instead, if the use-case is using DPV to only document activities that are permitted, there is no need to explicitly specify the permissions. Similarly, just because something is happening or planned to happen, it cannot be assumed to be permitted (e.g., from evaluation of legal requirements).

To associate a rule with a specific context, which can be a PersonalDataHandling or PersonalData or Purposes, the relations [=hasPermission=], [=hasProhibition=] and [=hasObligation=] are provided. Additional types of rules can be added to DPV by extending the Rule Concept (e.g., :MyRule rdfs:isSubClassOf dpv:Rule).

Extensions

Vocabulary Index

Classes

Academic Research

Term AcademicResearch Prefix dpv
Label Academic Research
IRI https://w3id.org/dpv#AcademicResearch
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:ResearchAndDevelopmentdpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with conducting or assisting with research conducted in an academic context e.g. within universities
Related svpu:Education
Date Created 2019-04-05
Contributors Harshvardhan J. Pandit, Javier Fernández, Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Simon Steyskal
See More: section PURPOSES in DPV

Academic or Scientific Organisation

Term AcademicScientificOrganisation Prefix dpv
Label Academic or Scientific Organisation
IRI https://w3id.org/dpv#AcademicScientificOrganisation
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Organisationdpv:LegalEntitydpv:Entity
Object of relation dpv:hasEntity, dpv:hasResponsibleEntity, dpv:hasSubsidiary, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor, dpv:isSubsidiaryOf
Definition Organisations related to academia or scientific pursuits e.g. Universities, Schools, Research Bodies
Source ADMS controlled vocabulary
Date Created 2022-02-02
Date Modified 2020-10-05
Contributors Harshvardhan J. Pandit
See More: section ENTITIES-ORGANISATION in DPV

Access

Term Access Prefix dpv
Label Access
IRI https://w3id.org/dpv#Access
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Usedpv:Processing
Object of relation dpv:hasProcessing
Definition to access data
Date Created 2022-06-15
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section PROCESSING in DPV

Access Control Method

Term AccessControlMethod Prefix dpv
Label Access Control Method
IRI https://w3id.org/dpv#AccessControlMethod
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Methods which restrict access to a place or resource
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-TECHNICAL in DEX

Account Management

Term AccountManagement Prefix dpv
Label Account Management
IRI https://w3id.org/dpv#AccountManagement
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Purpose
Object of relation dpv:hasPurpose
Definition Account Management refers to purposes associated with account management, such as to create, provide, maintain, and manage accounts
Date Created 2021-09-08
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Acquire

Term Acquire Prefix dpv
Label Acquire
IRI https://w3id.org/dpv#Acquire
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Obtaindpv:Processing
Object of relation dpv:hasProcessing
Definition to come into possession or control of the data
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Actively Involved

Term ActivelyInvolved Prefix dpv
Label Actively Involved
IRI https://w3id.org/dpv#ActivelyInvolved
Type rdfs:Class, skos:Concept, dpv:InvolvementStatus
Broader/Parent types dpv:InvolvementStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInvolvementStatus, dpv:hasStatus
Definition Status indicating the specified context is 'actively' involved
Usage Note An example of active involvement is a person directly using a system to enter information
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Active Right

Term ActiveRight Prefix dpv
Label Active Right
IRI https://w3id.org/dpv#ActiveRight
Type rdfs:Class, skos:Concept, dpv:Right
Broader/Parent types dpv:Right
Subject of relation dpv:isExercisedAt
Object of relation dpv:hasRight
Definition The right(s) applicable, provided, or expected that need to be (actively) exercised
Usage Note Active rights require the entity to expressly exercise them. For example, a Data Subject exercising their right to withdraw their consent.
Date Created 2022-10-22
Contributors Harshvardhan J. Pandit, Beatriz Esteves, Georg P. Krog, Paul Ryan
See More: section RIGHTS in DPV

Activity Completed

Term ActivityCompleted Prefix dpv
Label Activity Completed
IRI https://w3id.org/dpv#ActivityCompleted
Type rdfs:Class, skos:Concept, dpv:ActivityStatus
Broader/Parent types dpv:ActivityStatusdpv:Statusdpv:Context
Object of relation dpv:hasActivityStatus, dpv:hasContext, dpv:hasStatus
Definition State of an activity that has completed i.e. is fully in the past
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Activity Halted

Term ActivityHalted Prefix dpv
Label Activity Halted
IRI https://w3id.org/dpv#ActivityHalted
Type rdfs:Class, skos:Concept, dpv:ActivityStatus
Broader/Parent types dpv:ActivityStatusdpv:Statusdpv:Context
Object of relation dpv:hasActivityStatus, dpv:hasContext, dpv:hasStatus
Definition State of an activity that was occuring in the past, and has been halted or paused or stoped
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Activity Monitoring

Term ActivityMonitoring Prefix dpv
Label Activity Monitoring
IRI https://w3id.org/dpv#ActivityMonitoring
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Monitoring of activities including assessing whether they have been successfully initiated and completed
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Acitivity Not Completed

Term ActivityNotCompleted Prefix dpv
Label Acitivity Not Completed
IRI https://w3id.org/dpv#ActivityNotCompleted
Type rdfs:Class, skos:Concept, dpv:ActivityStatus
Broader/Parent types dpv:ActivityStatusdpv:Statusdpv:Context
Object of relation dpv:hasActivityStatus, dpv:hasContext, dpv:hasStatus
Definition State of an activity that could not be completed, but has reached some end state
Usage Note This relates to a 'Stop' state as distinct from a 'Halt' state. It makes no comments on whether the Acitivity can be resumed or continued towards completion.
Date Created 2022-11-30
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Activity Ongoing

Term ActivityOngoing Prefix dpv
Label Activity Ongoing
IRI https://w3id.org/dpv#ActivityOngoing
Type rdfs:Class, skos:Concept, dpv:ActivityStatus
Broader/Parent types dpv:ActivityStatusdpv:Statusdpv:Context
Object of relation dpv:hasActivityStatus, dpv:hasContext, dpv:hasStatus
Definition State of an activity occuring in continuation i.e. currently ongoing
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Activity Planned

Term ActivityPlanned Prefix dpv
Label Activity Planned
IRI https://w3id.org/dpv#ActivityPlanned
Type rdfs:Class, skos:Concept, dpv:ActivityStatus
Broader/Parent types dpv:ActivityStatusdpv:Statusdpv:Context
Object of relation dpv:hasActivityStatus, dpv:hasContext, dpv:hasStatus
Definition State of an activity being planned with concrete plans for implementation
Date Created 2024-05-19
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Activity Proposed

Term ActivityProposed Prefix dpv
Label Activity Proposed
IRI https://w3id.org/dpv#ActivityProposed
Type rdfs:Class, skos:Concept, dpv:ActivityStatus
Broader/Parent types dpv:ActivityStatusdpv:Statusdpv:Context
Object of relation dpv:hasActivityStatus, dpv:hasContext, dpv:hasStatus
Definition State of an activity being proposed without any concrete plans for implementation
Date Created 2022-05-18
Date Modified 2024-05-19
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Activity Status

Term ActivityStatus Prefix dpv
Label Activity Status
IRI https://w3id.org/dpv#ActivityStatus
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Statusdpv:Context
Object of relation dpv:hasActivityStatus, dpv:hasContext, dpv:hasStatus
Definition Status associated with activity operations and lifecycles
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Adapt

Term Adapt Prefix dpv
Label Adapt
IRI https://w3id.org/dpv#Adapt
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Transformdpv:Processing
Object of relation dpv:hasProcessing
Definition to modify the data, often rewritten into a new form for a new use
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Adult

Term Adult Prefix dpv
Label Adult
IRI https://w3id.org/dpv#Adult
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition A natural person that is not a child i.e. has attained some legally specified age of adulthood
Date Created 2022-03-30
Contributors Georg P. Krog
See More: section ENTITIES-DATASUBJECT in DPV

Advertising

Term Advertising Prefix dpv
Label Advertising
IRI https://w3id.org/dpv#Advertising
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Marketingdpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with conducting advertising i.e. process or artefact used to call attention to a product, service, etc. through announcements, notices, or other forms of communication
Usage Note Advertising is a subset of Marketing. Advertising by itself does not indicate 'personalisation' i.e. personalised ads.
Date Created 2020-11-04
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Age Verification

Term AgeVerification Prefix dpv
Label Age Verification
IRI https://w3id.org/dpv#AgeVerification
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Verificationdpv:EnforceSecuritydpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with verifying or authenticating age or age related information as a form of security
Usage Note Age Verification can include verification of the exact age, e.g. being 21 years old, a date, e.g. birth date is 01 January 1969, or a condition, e.g. age is over 21 years and the person is an adult. Specific dedicated resources should be used to further express information and processes associated with Age Verification, for example the Age Verification Vocabulary https://w3id.org/age/
Date Created 2024-02-14
Contributors Beatriz Esteves, Arthit Suriyawongkul, Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Aggregate

Term Aggregate Prefix dpv
Label Aggregate
IRI https://w3id.org/dpv#Aggregate
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Alterdpv:Transformdpv:Processing
Object of relation dpv:hasProcessing
Definition to aggregate data
Source SPECIAL Project
Related svpr:Aggregate
Date Created 2024-04-14
Contributors Beatriz Esteves, Harshvardhan J. Pandit
See More: section PROCESSING in DPV

AI Literacy

Term AILiteracy Prefix dpv
Label AI Literacy
IRI https://w3id.org/dpv#AILiteracy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DigitalLiteracydpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Providing skills, knowledge, and understanding to enable reading, writing, analysing, reasoning, and communicating regarding AI
Date Created 2024-05-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Algorithmic Logic

Term AlgorithmicLogic Prefix dpv
Label Algorithmic Logic
IRI https://w3id.org/dpv#AlgorithmicLogic
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:ProcessingContextdpv:Context
Object of relation dpv:hasAlgorithmicLogic, dpv:hasContext
Definition The algorithmic logic applied or used
Usage Note Algorithmic Logic is intended as a broad concept for explaining the use of algorithms and automated decisions making within Processing. To describe the actual algorithm, see the Algorithm concept.
Date Created 2022-01-26
Date Modified 2023-12-10
Contributors Harshvardhan J. Pandit
See More: section PROCESSING-CONTEXT in DPV

Align

Term Align Prefix dpv
Label Align
IRI https://w3id.org/dpv#Align
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Transformdpv:Processing
Object of relation dpv:hasProcessing
Definition to adjust the data to be in relation to another data
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Alter

Term Alter Prefix dpv
Label Alter
IRI https://w3id.org/dpv#Alter
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Transformdpv:Processing
Object of relation dpv:hasProcessing
Definition to change the data without changing it into something else
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Analyse

Term Analyse Prefix dpv
Label Analyse
IRI https://w3id.org/dpv#Analyse
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Usedpv:Processing
Object of relation dpv:hasProcessing
Definition to study or examine the data in detail
Source SPECIAL Project
Related svpr:Analyse
Date Created 2019-05-07
See More: section PROCESSING in DPV

Anonymisation

Term Anonymisation Prefix dpv
Label Anonymisation
IRI https://w3id.org/dpv#Anonymisation
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:Deidentificationdpv:DataSanitisationTechniquedpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Anonymisation is the process by which data is irreversibly altered in such a way that a data subject can no longer be identified directly or indirectly, either by the entity holding the data alone or in collaboration with other entities and information sources
Source ISO 29100:2011
Date Created 2019-04-05
Date Modified 2022-11-24
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-TECHNICAL in DPV

Anonymise

Term Anonymise Prefix dpv
Label Anonymise
IRI https://w3id.org/dpv#Anonymise
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Transformdpv:Processing
Object of relation dpv:hasProcessing
Definition to irreversibly alter personal data in such a way that an unique data subject can no longer be identified directly or indirectly or in combination with other data
Source SPECIAL Project
Related svpr:Anonymise
Date Created 2019-05-07
See More: section PROCESSING in DPV

Anonymised Data

Term AnonymisedData Prefix dpv
Label Anonymised Data
IRI https://w3id.org/dpv#AnonymisedData
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:NonPersonalDatadpv:Data
Object of relation dpv:hasData
Definition Personal Data that has been (fully and completely) anonymised so that it is no longer considered Personal Data
Usage Note It is advised to carefully consider indicating data is fully or completely anonymised by determining whether the data by itself or in combination with other data can identify a person. Failing this condition, the data should be denoted as PseudonymisedData. To indicate data is anonymised only for a specified entity (e.g. within an organisation), the concept ContextuallyAnonymisedData (as subclass of PseudonymisedData) should be used instead of AnonymisedData.
Date Created 2022-01-19
Contributors Piero Bonatti
See More: section PERSONAL-DATA in DPV

Applicability

Term Applicability Prefix dpv
Label Applicability
IRI https://w3id.org/dpv#Applicability
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Context
Object of relation dpv:hasApplicability, dpv:hasContext
Definition Concept provided to represent indication of cases where the information or context is not applicable (N/A) or not available or this is not known or determined yet. If the information is applicable and available, this concept should not be used.
Usage Note These concepts are useful in closed-world interpretations, for example in forms where a field must have a value to explicitly denote it is not applicable or the information is not available yet.
Date Created 2023-08-24
Contributors Harshvardhan J. Pandit
See More: section CONTEXT in DPV

Applicant

Term Applicant Prefix dpv
Label Applicant
IRI https://w3id.org/dpv#Applicant
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition Data subjects that are applicants in some context
Date Created 2022-04-06
Contributors Harshvardhan J. Pandit, Georg P. Krog, Julian Flake, Paul Ryan, Beatriz Esteves
See More: section ENTITIES-DATASUBJECT in DPV

Assess

Term Assess Prefix dpv
Label Assess
IRI https://w3id.org/dpv#Assess
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Usedpv:Processing
Object of relation dpv:hasProcessing
Definition to assess data for some criteria
Date Created 2022-06-15
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section PROCESSING in DPV

Assessment

Term Assessment Prefix dpv
Label Assessment
IRI https://w3id.org/dpv#Assessment
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasAssessment, dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition The document, plan, or process for assessment or determination towards a purpose e.g. assessment of legality or impact assessments
Date Created 2021-09-08
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Asset Management Procedures

Term AssetManagementProcedures Prefix dpv
Label Asset Management Procedures
IRI https://w3id.org/dpv#AssetManagementProcedures
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Procedures related to management of assets
Source ENISA 5G Cybersecurity Standards
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Assistive Automation

Term AssistiveAutomation Prefix dpv
Label Assistive Automation
IRI https://w3id.org/dpv#AssistiveAutomation
Type rdfs:Class, skos:Concept, dpv:AutomationLevel
Broader/Parent types dpv:AutomationLeveldpv:ProcessingContextdpv:Context
Object of relation dpv:hasAutomationLevel, dpv:hasContext
Definition Level of automation corresponding to Level 1 in ISO/IEC 22989:2022 where automation is limited to parts of the system or a specific part of the system in a manner that does not change the control of the human in using/driving the system
Usage Note Human Involvement is implied here, specifically the ability to make decisions regarding operations, but also possibly for intervention, oversight, and verification
Source ISO/IEC 22989:2022 Artificial intelligence concepts and terminology
Date Created 2023-12-10
Date Modified 2024-04-20
Contributors Harshvardhan J. Pandit, Delaram Golpayegani
See More: section PROCESSING-CONTEXT in DPV

Asylum Seeker

Term AsylumSeeker Prefix dpv
Label Asylum Seeker
IRI https://w3id.org/dpv#AsylumSeeker
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:VulnerableDataSubjectdpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition Data subjects that are asylum seekers
Date Created 2022-06-15
Contributors Georg P. Krog
See More: section ENTITIES-DATASUBJECT in DPV

Asymmetric Cryptography

Term AsymmetricCryptography Prefix dpv
Label Asymmetric Cryptography
IRI https://w3id.org/dpv#AsymmetricCryptography
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:CryptographicMethodsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Use of public-key cryptography or asymmetric cryptography involving a public and private pair of keys
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Asymmetric Encryption

Term AsymmetricEncryption Prefix dpv
Label Asymmetric Encryption
IRI https://w3id.org/dpv#AsymmetricEncryption
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:Encryptiondpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Use of asymmetric cryptography to encrypt data
Source ENISA Data Pseudonymisation: Advanced Techniques and Use Cases
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Audit Approved

Term AuditApproved Prefix dpv
Label Audit Approved
IRI https://w3id.org/dpv#AuditApproved
Type rdfs:Class, skos:Concept, dpv:AuditStatus
Broader/Parent types dpv:AuditStatusdpv:Statusdpv:Context
Object of relation dpv:hasAuditStatus, dpv:hasContext, dpv:hasStatus
Definition State of being approved through the audit
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Audit Conditionally Approved

Term AuditConditionallyApproved Prefix dpv
Label Audit Conditionally Approved
IRI https://w3id.org/dpv#AuditConditionallyApproved
Type rdfs:Class, skos:Concept, dpv:AuditStatus
Broader/Parent types dpv:AuditStatusdpv:Statusdpv:Context
Object of relation dpv:hasAuditStatus, dpv:hasContext, dpv:hasStatus
Definition State of being conditionally approved through the audit
Usage Note A "conditional approval" is intended to reflect states where the audit has identified further changes which must be implemented before considering the audit has been 'passed', without requiring another audit to validate them. This is distinct from the case where an audit has state 'rejected', which means changes must be made and submitted for review. The requirements of a 'conditional acceptance' are expected to be minor or not significant enough to warrant another audit to review them.
Date Created 2022-06-29
Contributors Paul Ryan
See More: section CONTEXT-STATUS in DPV

Audit Not Required

Term AuditNotRequired Prefix dpv
Label Audit Not Required
IRI https://w3id.org/dpv#AuditNotRequired
Type rdfs:Class, skos:Concept, dpv:AuditStatus
Broader/Parent types dpv:AuditStatusdpv:Statusdpv:Context
Object of relation dpv:hasAuditStatus, dpv:hasContext, dpv:hasStatus
Definition State where an audit is determined as not being required
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Audit Rejected

Term AuditRejected Prefix dpv
Label Audit Rejected
IRI https://w3id.org/dpv#AuditRejected
Type rdfs:Class, skos:Concept, dpv:AuditStatus
Broader/Parent types dpv:AuditStatusdpv:Statusdpv:Context
Object of relation dpv:hasAuditStatus, dpv:hasContext, dpv:hasStatus
Definition State of not being approved or being rejected through the audit
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Audit Requested

Term AuditRequested Prefix dpv
Label Audit Requested
IRI https://w3id.org/dpv#AuditRequested
Type rdfs:Class, skos:Concept, dpv:AuditStatus
Broader/Parent types dpv:AuditStatusdpv:Statusdpv:Context
Object of relation dpv:hasAuditStatus, dpv:hasContext, dpv:hasStatus
Definition State of an audit being requested whose outcome is not yet known
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Audit Required

Term AuditRequired Prefix dpv
Label Audit Required
IRI https://w3id.org/dpv#AuditRequired
Type rdfs:Class, skos:Concept, dpv:AuditStatus
Broader/Parent types dpv:AuditStatusdpv:Statusdpv:Context
Object of relation dpv:hasAuditStatus, dpv:hasContext, dpv:hasStatus
Definition State where an audit is determined as being required but has not been conducted
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Audit Status

Term AuditStatus Prefix dpv
Label Audit Status
IRI https://w3id.org/dpv#AuditStatus
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Statusdpv:Context
Object of relation dpv:hasAuditStatus, dpv:hasContext, dpv:hasStatus
Definition Status associated with Auditing or Investigation
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Authentication using ABC

Term Authentication-ABC Prefix dpv
Label Authentication using ABC
IRI https://w3id.org/dpv#Authentication-ABC
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:CryptographicAuthenticationdpv:AuthenticationProtocolsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Broader/Parent types dpv:CryptographicAuthenticationdpv:CryptographicMethodsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Use of Attribute Based Credentials (ABC) to perform and manage authentication
Source ENISA Data Protection Engineering
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Authentication using PABC

Term Authentication-PABC Prefix dpv
Label Authentication using PABC
IRI https://w3id.org/dpv#Authentication-PABC
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:CryptographicAuthenticationdpv:AuthenticationProtocolsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Broader/Parent types dpv:CryptographicAuthenticationdpv:CryptographicMethodsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Use of Privacy-enhancing Attribute Based Credentials (ABC) to perform and manage authentication
Source ENISA Data Protection Engineering
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Authentication Protocols

Term AuthenticationProtocols Prefix dpv
Label Authentication Protocols
IRI https://w3id.org/dpv#AuthenticationProtocols
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Protocols involving validation of identity i.e. authentication of a person or information
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-TECHNICAL in DPV

Authorisation Procedure

Term AuthorisationProcedure Prefix dpv
Label Authorisation Procedure
IRI https://w3id.org/dpv#AuthorisationProcedure
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:SecurityProceduredpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Procedures for determining authorisation through permission or authority
Usage Note non-technical authorisation procedures: How is it described on an organisational level, who gets access to the data
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-ORGANISATIONAL in DPV

Authorisation Protocols

Term AuthorisationProtocols Prefix dpv
Label Authorisation Protocols
IRI https://w3id.org/dpv#AuthorisationProtocols
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Protocols involving authorisation of roles or profiles to determine permission, rights, or privileges
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Authority

Term Authority Prefix dpv
Label Authority
IRI https://w3id.org/dpv#Authority
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:GovernmentalOrganisationdpv:Organisationdpv:LegalEntitydpv:Entity
Subject of relation dpv:isAuthorityFor
Object of relation dpv:hasAuthority, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:hasSubsidiary, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor, dpv:isSubsidiaryOf
Definition An authority with the power to create or enforce laws, or determine their compliance.
Date Created 2020-11-04
Contributors Georg P. Krog, Paul Ryan, Harshvardhan J. Pandit
See More: section ENTITIES-AUTHORITY in DPV

Authority Informed

Term AuthorityInformed Prefix dpv
Label Authority Informed
IRI https://w3id.org/dpv#AuthorityInformed
Type rdfs:Class, skos:Concept, dpv:EntityInformedStatus
Broader/Parent types dpv:EntityInformeddpv:EntityInformedStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating Authority has been informed about the specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Authority Uninformed

Term AuthorityUninformed Prefix dpv
Label Authority Uninformed
IRI https://w3id.org/dpv#AuthorityUninformed
Type rdfs:Class, skos:Concept, dpv:EntityInformedStatus
Broader/Parent types dpv:EntityUninformeddpv:EntityInformedStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating Authority is uninformed i.e. has not been informed about the specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Automated Decision Making

Term AutomatedDecisionMaking Prefix dpv
Label Automated Decision Making
IRI https://w3id.org/dpv#AutomatedDecisionMaking
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:DecisionMakingdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext
Definition Processing that involves automated decision making
Usage Note Automated decision making can be defined as “the ability to make decisions by technological means without human involvement.” (“Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679 (wp251rev.01)”, 2018, p. 8)
Source GDPR Art.4-2
Date Created 2020-11-04
Date Modified 2022-09-07
Contributors Harshvardhan J. Pandit, Piero Bonatti
See More: section PROCESSING-CONTEXT in DPV

Automated Scoring of Individuals

Term AutomatedScoringOfIndividuals Prefix dpv
Label Automated Scoring of Individuals
IRI https://w3id.org/dpv#AutomatedScoringOfIndividuals
Type rdfs:Class, skos:Concept, dpv:ScoringOfIndividuals
Broader/Parent types dpv:ScoringOfIndividualsdpv:EvaluationScoringdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext
Definition Processing that involves automated scoring of individuals
Usage Note Scoring can lead to the action being considered Decision Making if the scoring is itself a decision - see 2023-MAR-16 opinion of Advocate General on Case C 634/21. Therefore, the assessment of whether scoring was automated or not is important given the legal obligations surrounding automated decision making e.g. in GDPR
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section PROCESSING-CONTEXT in DPV

Automation Level

Term AutomationLevel Prefix dpv
Label Automation Level
IRI https://w3id.org/dpv#AutomationLevel
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:ProcessingContextdpv:Context
Object of relation dpv:hasAutomationLevel, dpv:hasContext
Definition Indication of degree or level of automation associated with specified context
Usage Note This concept was called 'Automation' in previous versions
Source ISO/IEC 22989:2022 Artificial intelligence concepts and terminology
Date Created 2023-12-10
Date Modified 2024-04-20
Contributors Harshvardhan J. Pandit, Delaram Golpayegani
See More: section PROCESSING-CONTEXT in DPV

Autonomous

Term Autonomous Prefix dpv
Label Autonomous
IRI https://w3id.org/dpv#Autonomous
Type rdfs:Class, skos:Concept, dpv:AutomationLevel
Broader/Parent types dpv:AutomationLeveldpv:ProcessingContextdpv:Context
Object of relation dpv:hasAutomationLevel, dpv:hasContext
Definition Level of automation corresponding to Level 6 in ISO/IEC 22989:2022 where the automation in system is capable of modifying its operation domain or its goals without external intervention, control or oversight
Usage Note Though Autonomous, such operations can still be associated with dpv:HumanInvolved e.g. for inputs, oversight or verification
Source ISO/IEC 22989:2022 Artificial intelligence concepts and terminology
Date Created 2023-12-10
Date Modified 2024-04-20
Contributors Harshvardhan J. Pandit, Delaram Golpayegani
See More: section PROCESSING-CONTEXT in DPV

Background Checks

Term BackgroundChecks Prefix dpv
Label Background Checks
IRI https://w3id.org/dpv#BackgroundChecks
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:SecurityProceduredpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Procedure where the background of an entity is assessed to identity vulnerabilities and threats due to their current or intended role
Source ENISA 5G Cybersecurity Standards
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Benefit

Term Benefit Prefix dpv
Label Benefit
IRI https://w3id.org/dpv#Benefit
Type rdfs:Class, skos:Concept, dpv:Impact
Broader/Parent types dpv:Impactdpv:Consequence
Subject of relation dpv:hasImpactOn
Object of relation dpv:hasConsequence, dpv:hasImpact
Definition Impact(s) that acts as or causes benefits
Date Created 2022-03-23
Contributors Harshvardhan J. Pandit, Julian Flake, Georg P. Krog, Fajar Ekaputra, Beatriz Esteves, Axel Polleres
See More: section RISK in DPV

Biometric Authentication

Term BiometricAuthentication Prefix dpv
Label Biometric Authentication
IRI https://w3id.org/dpv#BiometricAuthentication
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:AuthenticationProtocolsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Use of biometric data for authentication
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Cannot Challenge Process

Term CannotChallengeProcess Prefix dpv
Label Cannot Challenge Process
IRI https://w3id.org/dpv#CannotChallengeProcess
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot challenge the process of specified context
Usage Note Challenge refers to raising questions about validity, necessity, correctness, or other similar 'trustworthiness' attributes regarding the process or plan or implementation
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Challenge Process Input

Term CannotChallengeProcessInput Prefix dpv
Label Cannot Challenge Process Input
IRI https://w3id.org/dpv#CannotChallengeProcessInput
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot challenge input of specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Challenge Process Output

Term CannotChallengeProcessOutput Prefix dpv
Label Cannot Challenge Process Output
IRI https://w3id.org/dpv#CannotChallengeProcessOutput
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot challenge the output of specified context
Usage Note Challenge refers to raising questions about validity, necessity, correctness, or other similar 'trustworthiness' attributes regarding the output of the process or plan or implementation (where output is distinct from the process itself)
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Correct Process

Term CannotCorrectProcess Prefix dpv
Label Cannot Correct Process
IRI https://w3id.org/dpv#CannotCorrectProcess
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot correct the process of specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Correct Process Input

Term CannotCorrectProcessInput Prefix dpv
Label Cannot Correct Process Input
IRI https://w3id.org/dpv#CannotCorrectProcessInput
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot correct input of specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Correct Process Output

Term CannotCorrectProcessOutput Prefix dpv
Label Cannot Correct Process Output
IRI https://w3id.org/dpv#CannotCorrectProcessOutput
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot correct the output of specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Object to Process

Term CannotObjectToProcess Prefix dpv
Label Cannot Object to Process
IRI https://w3id.org/dpv#CannotObjectToProcess
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot object to process of specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Opt-in to Process

Term CannotOptInToProcess Prefix dpv
Label Cannot Opt-in to Process
IRI https://w3id.org/dpv#CannotOptInToProcess
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot opt-in to specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Opt-out from Process

Term CannotOptOutFromProcess Prefix dpv
Label Cannot Opt-out from Process
IRI https://w3id.org/dpv#CannotOptOutFromProcess
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot opt-out from specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Reverse Process Effects

Term CannotReverseProcessEffects Prefix dpv
Label Cannot Reverse Process Effects
IRI https://w3id.org/dpv#CannotReverseProcessEffects
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot reverse effects of specified context
Usage Note Effects refer to consequences and impacts arising from the process or from the outputs of a process
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Reverse Process Input

Term CannotReverseProcessInput Prefix dpv
Label Cannot Reverse Process Input
IRI https://w3id.org/dpv#CannotReverseProcessInput
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot reverse input of specified context
Usage Note Reversion can be considered a form of correction in some instances. We welcome inputs to further explore and define this relation between correction and reversion concepts.
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Reverse Process Output

Term CannotReverseProcessOutput Prefix dpv
Label Cannot Reverse Process Output
IRI https://w3id.org/dpv#CannotReverseProcessOutput
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot reverse output of specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Cannot Withdraw from Process

Term CannotWithdrawFromProcess Prefix dpv
Label Cannot Withdraw from Process
IRI https://w3id.org/dpv#CannotWithdrawFromProcess
Type rdfs:Class, skos:Concept, dpv:EntityNonPermissiveInvolvement
Broader/Parent types dpv:EntityNonPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity cannot withdraw a previously given assent from specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Certification

Term Certification Prefix dpv
Label Certification
IRI https://w3id.org/dpv#Certification
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:CertificationSealdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Certification mechanisms, seals, and marks for the purpose of demonstrating compliance
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-ORGANISATIONAL in DPV

Certification and Seal

Term CertificationSeal Prefix dpv
Label Certification and Seal
IRI https://w3id.org/dpv#CertificationSeal
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Certifications, seals, and marks indicating compliance to regulations or practices
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-ORGANISATIONAL in DPV

Challenging Process

Term ChallengingProcess Prefix dpv
Label Challenging Process
IRI https://w3id.org/dpv#ChallengingProcess
Type rdfs:Class, skos:Concept, dpv:EntityPermissiveInvolvement
Broader/Parent types dpv:EntityPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity can challenge the process of specified context
Usage Note Challenge refers to raising questions about validity, necessity, correctness, or other similar 'trustworthiness' attributes regarding the process or plan or implementation
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Challenging Process Input

Term ChallengingProcessInput Prefix dpv
Label Challenging Process Input
IRI https://w3id.org/dpv#ChallengingProcessInput
Type rdfs:Class, skos:Concept, dpv:EntityPermissiveInvolvement
Broader/Parent types dpv:EntityPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity can challenge input of specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Challenging Process Output

Term ChallengingProcessOutput Prefix dpv
Label Challenging Process Output
IRI https://w3id.org/dpv#ChallengingProcessOutput
Type rdfs:Class, skos:Concept, dpv:EntityPermissiveInvolvement
Broader/Parent types dpv:EntityPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity can challenge the output of specified context
Usage Note Challenge refers to raising questions about validity, necessity, correctness, or other similar 'trustworthiness' attributes regarding the output of the process or plan or implementation (where output is distinct from the process itself)
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Child

Term Child Prefix dpv
Label Child
IRI https://w3id.org/dpv#Child
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition A 'child' is a natural legal person who is below a certain legal age depending on the legal jurisdiction.
Usage Note The legality of age defining a child varies by jurisdiction. In addition, 'child' is distinct from a 'minor'. For example, the legal age for consumption of alcohol can be 21, which makes a person of age 20 a 'minor' in this context. In other cases, 'minor' and 'child' are used interchangeably to refer to a person below some legally defined age.
Date Created 2020-11-25
Date Modified 2022-06-22
Contributors Harshvardhan J. Pandit
See More: section ENTITIES-DATASUBJECT in DPV

Citizen

Term Citizen Prefix dpv
Label Citizen
IRI https://w3id.org/dpv#Citizen
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition Data subjects that are citizens (for a jurisdiction)
Date Created 2022-04-06
Contributors Harshvardhan J. Pandit, Georg P. Krog, Julian Flake, Paul Ryan, Beatriz Esteves
See More: section ENTITIES-DATASUBJECT in DPV

City

Term City Prefix dpv
Label City
IRI https://w3id.org/dpv#City
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Regiondpv:Countrydpv:Location
Object of relation dpv:hasCountry, dpv:hasJurisdiction, dpv:hasLocation
Definition A region consisting of urban population and commerce
Date Created 2022-10-22
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-JURISDICTION in DPV

Client

Term Client Prefix dpv
Label Client
IRI https://w3id.org/dpv#Client
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:Customerdpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition Data subjects that are clients or recipients of services
Date Created 2022-04-06
Contributors Harshvardhan J. Pandit, Georg P. Krog, Julian Flake, Paul Ryan, Beatriz Esteves
See More: section ENTITIES-DATASUBJECT in DPV

Cloud Location

Term CloudLocation Prefix dpv
Label Cloud Location
IRI https://w3id.org/dpv#CloudLocation
Type rdfs:Class, skos:Concept, dpv:Location
Broader/Parent types dpv:RemoteLocationdpv:LocationLocalitydpv:Location
Object of relation dpv:hasJurisdiction, dpv:hasLocation
Definition Location that is in the 'cloud' i.e. a logical location operated over the internet
Date Created 2022-06-15
Date Modified 2020-10-05
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-JURISDICTION in DPV

Code of Conduct

Term CodeOfConduct Prefix dpv
Label Code of Conduct
IRI https://w3id.org/dpv#CodeOfConduct
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:GuidelinesPrincipledpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition A set of rules or procedures outlining the norms and practices for conducting activities
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-ORGANISATIONAL in DPV

Collect

Term Collect Prefix dpv
Label Collect
IRI https://w3id.org/dpv#Collect
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Obtaindpv:Processing
Object of relation dpv:hasProcessing
Definition to gather data from someone
Source GDPR Art.4-2, SPECIAL Project
Related svpr:Collect
Date Created 2019-05-07
See More: section PROCESSING in DEX

Collected Data

Term CollectedData Prefix dpv
Label Collected Data
IRI https://w3id.org/dpv#CollectedData
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Data
Object of relation dpv:hasData
Definition Data that has been obtained by collecting it from a source
Date Created 2023-12-10
See More: section PERSONAL-DATA in DPV

Collected Personal Data

Term CollectedPersonalData Prefix dpv
Label Collected Personal Data
IRI https://w3id.org/dpv#CollectedPersonalData
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:CollectedDatadpv:Data
Broader/Parent types dpv:PersonalDatadpv:Data
Object of relation dpv:hasData, dpv:hasPersonalData
Definition Personal Data that has been collected from another source such as the Data Subject
Usage Note To indicate the source of data, use the DataSource concept with the hasDataSource relation
Date Created 2022-03-30
Date Modified 2023-12-10
Contributors Harshvardhan J. Pandit
See More: section PERSONAL-DATA in DPV

Combat Climate Change

Term CombatClimateChange Prefix dpv
Label Combat Climate Change
IRI https://w3id.org/dpv#CombatClimateChange
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:PublicBenefitdpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with combating the causes and consequences of climate change, including reducing gas emissions and fighting emergencies such as floods or wildfires
Source
Contributors Beatriz Esteves, Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Combine

Term Combine Prefix dpv
Label Combine
IRI https://w3id.org/dpv#Combine
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Transformdpv:Processing
Object of relation dpv:hasProcessing
Definition to join or merge data
Source GDPR Art.4-2, SPECIAL Project
Related svpr:Aggregate
Date Created 2019-05-07
See More: section PROCESSING in DPV

CommerciallyConfidentialData

Term CommerciallyConfidentialData Prefix dpv
Label CommerciallyConfidentialData
IRI https://w3id.org/dpv#CommerciallyConfidentialData
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Data
Object of relation dpv:hasData
Definition Data protected through Commercial Confidentiality Agreements
Source
See More: section PERSONAL-DATA in DPV

Commercial Purpose

Term CommercialPurpose Prefix dpv
Label Commercial Purpose
IRI https://w3id.org/dpv#CommercialPurpose
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with processing activities performed in a commercial setting or with intention to commercialise
Source
Contributors Beatriz Esteves, Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Commercial Research

Term CommercialResearch Prefix dpv
Label Commercial Research
IRI https://w3id.org/dpv#CommercialResearch
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:CommercialPurposedpv:Purpose
Broader/Parent types dpv:ResearchAndDevelopmentdpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with conducting research in a commercial setting or with intention to commercialise e.g. in a company or sponsored by a company
Related svpu:Develop
Date Created 2019-04-05
Date Modified 2024-04-14
Contributors Harshvardhan J. Pandit, Javier Fernández, Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Simon Steyskal
See More: section PURPOSES in DPV

Communication for Customer Care

Term CommunicationForCustomerCare Prefix dpv
Label Communication for Customer Care
IRI https://w3id.org/dpv#CommunicationForCustomerCare
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:CommunicationManagementdpv:Purpose
Broader/Parent types dpv:CustomerCaredpv:CustomerManagementdpv:Purpose
Object of relation dpv:hasPurpose
Definition Customer Care Communication refers to purposes associated with communicating with customers for assisting them, resolving issues, ensuring satisfaction, etc. in relation to services provided
Date Created 2020-11-04
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Communication Management

Term CommunicationManagement Prefix dpv
Label Communication Management
IRI https://w3id.org/dpv#CommunicationManagement
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Purpose
Object of relation dpv:hasPurpose
Definition Communication Management refers to purposes associated with providing or managing communication activities e.g. to send an email for notifying some information
Usage Note This purpose by itself does not sufficiently and clearly indicate what the communication is about. As such, it is recommended to combine it with another purpose to indicate the application. For example, Communication of Payment.
Date Created 2021-09-01
Contributors Georg P. Krog, Paul Ryan, David Hickey, Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Compensation

Term Compensation Prefix dpv
Label Compensation
IRI https://w3id.org/dpv#Compensation
Type rdfs:Class, skos:Concept, dpv:Impact
Broader/Parent types dpv:Benefitdpv:Impactdpv:Consequence
Subject of relation dpv:hasImpactOn
Object of relation dpv:hasConsequence, dpv:hasImpact
Definition Compensation provided (as an impact)
Date Created 2024-04-14
Contributors Georg P. Krog, Harshvardhan J. Pandit
See More: section RISK in DPV

Compliance Assessment

Term ComplianceAssessment Prefix dpv
Label Compliance Assessment
IRI https://w3id.org/dpv#ComplianceAssessment
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasAssessment, dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Assessment regarding compliance (e.g. internal policy, regulations)
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section TOM-ORGANISATIONAL in DPV

Compliance Indeterminate

Term ComplianceIndeterminate Prefix dpv
Label Compliance Indeterminate
IRI https://w3id.org/dpv#ComplianceIndeterminate
Type rdfs:Class, skos:Concept, dpv:ComplianceStatus
Broader/Parent types dpv:ComplianceStatusdpv:Statusdpv:Context
Object of relation dpv:hasComplianceStatus, dpv:hasContext, dpv:hasStatus
Definition State where the status of compliance has not been fully assessed, evaluated, or determined
Date Created 2022-09-07
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Compliance Monitoring

Term ComplianceMonitoring Prefix dpv
Label Compliance Monitoring
IRI https://w3id.org/dpv#ComplianceMonitoring
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Monitoring of compliance (e.g. internal policy, regulations)
Source ENISA 5G Cybersecurity Standards
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Compliance Status

Term ComplianceStatus Prefix dpv
Label Compliance Status
IRI https://w3id.org/dpv#ComplianceStatus
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Statusdpv:Context
Object of relation dpv:hasComplianceStatus, dpv:hasContext, dpv:hasStatus
Definition Status associated with Compliance with some norms, objectives, or requirements
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Compliance Unknown

Term ComplianceUnknown Prefix dpv
Label Compliance Unknown
IRI https://w3id.org/dpv#ComplianceUnknown
Type rdfs:Class, skos:Concept, dpv:ComplianceStatus
Broader/Parent types dpv:ComplianceStatusdpv:Statusdpv:Context
Object of relation dpv:hasComplianceStatus, dpv:hasContext, dpv:hasStatus
Definition State where the status of compliance is unknown
Date Created 2022-09-07
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Compliance Violation

Term ComplianceViolation Prefix dpv
Label Compliance Violation
IRI https://w3id.org/dpv#ComplianceViolation
Type rdfs:Class, skos:Concept, dpv:ComplianceStatus
Broader/Parent types dpv:ComplianceStatusdpv:Statusdpv:Context
Object of relation dpv:hasComplianceStatus, dpv:hasContext, dpv:hasStatus
Definition State where compliance cannot be achieved due to requirements being violated
Usage Note Changed from "violation of compliance" for consistency with other terms
Date Created 2022-05-18
Date Modified 2022-09-07
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Compliant

Term Compliant Prefix dpv
Label Compliant
IRI https://w3id.org/dpv#Compliant
Type rdfs:Class, skos:Concept, dpv:ComplianceStatus
Broader/Parent types dpv:ComplianceStatusdpv:Statusdpv:Context
Object of relation dpv:hasComplianceStatus, dpv:hasContext, dpv:hasStatus
Definition State of being fully compliant
Date Created 2022-05-18
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Conditional Automation

Term ConditionalAutomation Prefix dpv
Label Conditional Automation
IRI https://w3id.org/dpv#ConditionalAutomation
Type rdfs:Class, skos:Concept, dpv:AutomationLevel
Broader/Parent types dpv:AutomationLeveldpv:ProcessingContextdpv:Context
Object of relation dpv:hasAutomationLevel, dpv:hasContext
Definition Level of automation corresponding to Level 3 in ISO/IEC 22989:2022 where the automation is sufficient to perform most tasks of the system with the human present to take over where necessary
Usage Note Human Involvement is implied here, e.g. for intervention, input, decisions
Source ISO/IEC 22989:2022 Artificial intelligence concepts and terminology
Date Created 2023-12-10
Date Modified 2024-04-20
Contributors Harshvardhan J. Pandit, Delaram Golpayegani
See More: section PROCESSING-CONTEXT in DPV

ConfidentialData

Term ConfidentialData Prefix dpv
Label ConfidentialData
IRI https://w3id.org/dpv#ConfidentialData
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Data
Object of relation dpv:hasData
Definition Data deemed confidential
Source
See More: section PERSONAL-DATA in DPV

Confidentiality Agreement

Term ConfidentialityAgreement Prefix dpv
Label Confidentiality Agreement
IRI https://w3id.org/dpv#ConfidentialityAgreement
Type rdfs:Class, skos:Concept, dpv:LegalMeasure
Broader/Parent types dpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Agreements that enforce confidentiality for e.g. to protect business, professional, or company secrets
Source
See More: section TOM-LEGAL in DPV

Conformance Assessment

Term ConformanceAssessment Prefix dpv
Label Conformance Assessment
IRI https://w3id.org/dpv#ConformanceAssessment
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasAssessment, dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Assessment regarding conformance with standards or norms or guidelines or similar instruments
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section TOM-ORGANISATIONAL in DPV

Conformance Status

Term ConformanceStatus Prefix dpv
Label Conformance Status
IRI https://w3id.org/dpv#ConformanceStatus
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasStatus
Definition Status associated with conformance to a standard, guideline, code, or recommendation
Date Created 2022-10-22
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Conformant

Term Conformant Prefix dpv
Label Conformant
IRI https://w3id.org/dpv#Conformant
Type rdfs:Class, skos:Concept, dpv:ConformanceStatus
Broader/Parent types dpv:ConformanceStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasStatus
Definition State of being conformant
Date Created 2022-10-22
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-STATUS in DPV

Consent Control

Term ConsentControl Prefix dpv
Label Consent Control
IRI https://w3id.org/dpv#ConsentControl
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasConsentControl, dpv:hasContext, dpv:hasEntityInvolvement
Definition The control or activity associated with obtaining, providing, withdrawing, or reaffirming consent
Date Created 2024-05-11
See More: section LEGAL-BASIS-CONSENT-CONTROLS in DPV

Consent Expired

Term ConsentExpired Prefix dpv
Label Consent Expired
IRI https://w3id.org/dpv#ConsentExpired
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusInvalidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition The state where the temporal or contextual validity of consent has 'expired'
Usage Note An example of this state is when the obtained consent has been assigned a duration - which has lapsed or 'expired', making it invalid to be used further for processing data
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Given

Term ConsentGiven Prefix dpv
Label Consent Given
IRI https://w3id.org/dpv#ConsentGiven
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusValidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition The state where consent has been given
Usage Note An example of this state is when the individual clicks on a button, ticks a checkbox, verbally agrees - or any other form that communicates their decision agreeing to the processing of data
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Invalidated

Term ConsentInvalidated Prefix dpv
Label Consent Invalidated
IRI https://w3id.org/dpv#ConsentInvalidated
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusInvalidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition The state where consent has been deemed to be invalid
Usage Note An example of this state is where an investigating authority or a court finds the collected consent did not meet requirements, and 'invalidates' both prior and future uses of it to carry out processing
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Management

Term ConsentManagement Prefix dpv
Label Consent Management
IRI https://w3id.org/dpv#ConsentManagement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:PermissionManagementdpv:RightsManagementdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Methods to obtain, provide, modify, and withdraw consent alongwith maintaining a record of consent, retrieving records, and processing changes in consent states
Source
Date Created 2024-04-14
Contributors Beatriz Esteves, Harshvardhan J. Pandit, Georg P. Krog
See More: section TOM-ORGANISATIONAL in DPV

Consent Notice

Term ConsentNotice Prefix dpv
Label Consent Notice
IRI https://w3id.org/dpv#ConsentNotice
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:PrivacyNoticedpv:Noticedpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasNotice, dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition A Notice for information provision associated with Consent
Date Created 2022-06-21
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section TOM-ORGANISATIONAL in DPV

Consent Record

Term ConsentRecord Prefix dpv
Label Consent Record
IRI https://w3id.org/dpv#ConsentRecord
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataProcessingRecorddpv:RecordsOfActivitiesdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasRecordOfActivity, dpv:hasTechnicalOrganisationalMeasure
Definition A Record of Consent or Consent related activities
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section TOM-ORGANISATIONAL in DEX

Consent Refused

Term ConsentRefused Prefix dpv
Label Consent Refused
IRI https://w3id.org/dpv#ConsentRefused
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusInvalidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition The state where consent has been refused
Usage Note An example of this state is when the individual clicks on a 'disagree' or 'reject' or 'refuse' button, or leaves a checkbox unticked
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Request Deferred

Term ConsentRequestDeferred Prefix dpv
Label Consent Request Deferred
IRI https://w3id.org/dpv#ConsentRequestDeferred
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusInvalidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition State where a request for consent has been deferred without a decision
Usage Note An example of this state is when the individual closes or dismisses a notice without making a decision. This state is intended for making the distinction between a notice being provided (as a consent request) and the individual interacting with the notice without making a decision - where the 'ignoring of a notice' is taken as consent being neither given nor refused
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Requested

Term ConsentRequested Prefix dpv
Label Consent Requested
IRI https://w3id.org/dpv#ConsentRequested
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusInvalidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition State where a request for consent has been made and is awaiting a decision
Usage Note An example of this state is when a notice has been presented to the individual but they have not made a decision
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Revoked

Term ConsentRevoked Prefix dpv
Label Consent Revoked
IRI https://w3id.org/dpv#ConsentRevoked
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusInvalidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition The state where the consent is revoked by an entity other than the data subject and which prevents it from being further used as a valid state
Usage Note An example of this state is when a Data Controller stops utilising previously obtaining consent, such as when that service no longer exists
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Status

Term ConsentStatus Prefix dpv
Label Consent Status
IRI https://w3id.org/dpv#ConsentStatus
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition The state or status of 'consent' that provides information reflecting its operational status and validity for processing data
Usage Note States are useful as information artefacts to implement them in controlling processing, and to reflect the process and flow of obtaining and maintaining consent. For example, a database table that stores consent states for specific processing and can be queried to obtain them in an efficient manner. States are also useful in investigations to determine the use and validity of consenting practices
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DEX

Consent Status Invalid for Processing

Term ConsentStatusInvalidForProcessing Prefix dpv
Label Consent Status Invalid for Processing
IRI https://w3id.org/dpv#ConsentStatusInvalidForProcessing
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition States of consent that cannot be used as valid justifications for processing data
Usage Note This identifies the stages associated with consent that should not be used to process data
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Status Valid for Processing

Term ConsentStatusValidForProcessing Prefix dpv
Label Consent Status Valid for Processing
IRI https://w3id.org/dpv#ConsentStatusValidForProcessing
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition States of consent that can be used as valid justifications for processing data
Usage Note Practically, given consent is the only valid state for processing
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Unknown

Term ConsentUnknown Prefix dpv
Label Consent Unknown
IRI https://w3id.org/dpv#ConsentUnknown
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusInvalidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition State where information about consent is not available or is unknown
Usage Note Consent states can be unknown, for example, when information is not available, or cannot be trusted, or is known to be inaccurate
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consent Withdrawn

Term ConsentWithdrawn Prefix dpv
Label Consent Withdrawn
IRI https://w3id.org/dpv#ConsentWithdrawn
Type rdfs:Class, skos:Concept, dpv:ConsentStatus
Broader/Parent types dpv:ConsentStatusInvalidForProcessingdpv:ConsentStatusdpv:Statusdpv:Context
Object of relation dpv:hasConsentStatus, dpv:hasContext, dpv:hasStatus
Definition The state where the consent is withdrawn or revoked specifically by the data subject and which prevents it from being further used as a valid state
Usage Note This state can be considered a form of 'revocation' of consent, where the revocation can only be performed by the data subject. Therefore we suggest using ConsentRevoked when it is a non-data-subject entity, and ConsentWithdrawn when it is the data subject
Source GConsent
Date Created 2022-06-22
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-STATUS in DPV

Consequence

Term Consequence Prefix dpv
Label Consequence
IRI https://w3id.org/dpv#Consequence
Type rdfs:Class, skos:Concept
Subject of relation dpv:hasConsequenceOn
Object of relation dpv:hasConsequence
Definition The consequence(s) possible or arising from specified context
Date Created 2022-01-26
Contributors Harshvardhan J. Pandit
See More: section RISK in DEX

Consequence as Side-Effect

Term ConsequenceAsSideEffect Prefix dpv
Label Consequence as Side-Effect
IRI https://w3id.org/dpv#ConsequenceAsSideEffect
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Consequence
Object of relation dpv:hasConsequence
Definition The consequence(s) possible or arising as a side-effect of specified context
Date Created 2022-03-30
Contributors Harshvardhan J. Pandit
See More: section RISK in DPV

Consequence of Failure

Term ConsequenceOfFailure Prefix dpv
Label Consequence of Failure
IRI https://w3id.org/dpv#ConsequenceOfFailure
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Consequence
Object of relation dpv:hasConsequence
Definition The consequence(s) possible or arising from failure of specified context
Date Created 2022-03-23
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section RISK in DPV

Consequence of Success

Term ConsequenceOfSuccess Prefix dpv
Label Consequence of Success
IRI https://w3id.org/dpv#ConsequenceOfSuccess
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Consequence
Object of relation dpv:hasConsequence
Definition The consequence(s) possible or arising from success of specified context
Date Created 2022-03-23
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section RISK in DPV

Consult

Term Consult Prefix dpv
Label Consult
IRI https://w3id.org/dpv#Consult
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Usedpv:Processing
Object of relation dpv:hasProcessing
Definition to consult or query data
Source GDPR Art.4-2, SPECIAL Project
Related svpr:Query
Date Created 2019-05-07
See More: section PROCESSING in DPV

Consultation

Term Consultation Prefix dpv
Label Consultation
IRI https://w3id.org/dpv#Consultation
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Consultation is a process of receiving feedback, advice, or opinion from an external agency
Date Created 2020-11-04
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan
See More: section TOM-ORGANISATIONAL in DPV

Consultation with Authority

Term ConsultationWithAuthority Prefix dpv
Label Consultation with Authority
IRI https://w3id.org/dpv#ConsultationWithAuthority
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Consultationdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Consultation with an authority or authoritative entity
Date Created 2020-11-04
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan
See More: section TOM-ORGANISATIONAL in DPV

Consultation with Data Subject

Term ConsultationWithDataSubject Prefix dpv
Label Consultation with Data Subject
IRI https://w3id.org/dpv#ConsultationWithDataSubject
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Consultationdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Consultation with data subject(s) or their representative(s)
Date Created 2022-06-15
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section TOM-ORGANISATIONAL in DPV

Consultation with Data Subject Representative

Term ConsultationWithDataSubjectRepresentative Prefix dpv
Label Consultation with Data Subject Representative
IRI https://w3id.org/dpv#ConsultationWithDataSubjectRepresentative
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:ConsultationWithDataSubjectdpv:Consultationdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Consultation with representative of data subject(s)
Date Created 2022-10-22
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section TOM-ORGANISATIONAL in DPV

Consultation with DPO

Term ConsultationWithDPO Prefix dpv
Label Consultation with DPO
IRI https://w3id.org/dpv#ConsultationWithDPO
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Consultationdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Consultation with Data Protection Officer(s)
Date Created 2022-06-15
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section TOM-ORGANISATIONAL in DPV

Consumer

Term Consumer Prefix dpv
Label Consumer
IRI https://w3id.org/dpv#Consumer
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition Data subjects that consume goods or services for direct use
Date Created 2022-04-06
Contributors Harshvardhan J. Pandit, Georg P. Krog, Julian Flake, Paul Ryan, Beatriz Esteves
See More: section ENTITIES-DATASUBJECT in DPV

Context

Term Context Prefix dpv
Label Context
IRI https://w3id.org/dpv#Context
Type rdfs:Class, skos:Concept
Subject of relation dpv:hasObligation, dpv:hasPermission, dpv:hasProhibition, dpv:hasRule
Object of relation dpv:hasContext
Definition Contextually relevant information
Usage Note Context is a catch-all concept for information of relevance not possible to represent through other core concepts. DPV offers specific contextual concepts such as Necessity, Frequency, and Duration. More can be created by extending Context within use-cases.
Date Created 2019-04-05
Date Modified 2022-06-15
Contributors Harshvardhan J. Pandit, Javier Fernández, Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Simon Steyskal
See More: section CONTEXT in DEX

Continous Frequency

Term ContinousFrequency Prefix dpv
Label Continous Frequency
IRI https://w3id.org/dpv#ContinousFrequency
Type rdfs:Class, skos:Concept, dpv:Frequency
Broader/Parent types dpv:Frequencydpv:Context
Object of relation dpv:hasContext, dpv:hasFrequency
Definition Frequency where occurences are continous
Date Created 2022-06-15
Date Modified 2020-10-05
Contributors Harshvardhan J. Pandit
See More: section CONTEXT in DPV

Contract

Term Contract Prefix dpv
Label Contract
IRI https://w3id.org/dpv#Contract
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Creation, completion, fulfilment, or performance of a contract involving specified processing of data or technologies
Date Created 2021-04-07
Contributors Harshvardhan J. Pandit
See More: section LEGAL-BASIS in DPV

Contract Performance

Term ContractPerformance Prefix dpv
Label Contract Performance
IRI https://w3id.org/dpv#ContractPerformance
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:Contractdpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Fulfilment or performance of a contract involving specified processing
Date Created 2021-04-07
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan
See More: section LEGAL-BASIS in DPV

Contractual Terms

Term ContractualTerms Prefix dpv
Label Contractual Terms
IRI https://w3id.org/dpv#ContractualTerms
Type rdfs:Class, skos:Concept, dpv:LegalMeasure
Broader/Parent types dpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Contractual terms governing data handling within or with an entity
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-LEGAL in DPV

Controller Informed

Term ControllerInformed Prefix dpv
Label Controller Informed
IRI https://w3id.org/dpv#ControllerInformed
Type rdfs:Class, skos:Concept, dpv:EntityInformedStatus
Broader/Parent types dpv:EntityInformeddpv:EntityInformedStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating Controller has been informed about the specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Controller-Processor Agreement

Term ControllerProcessorAgreement Prefix dpv
Label Controller-Processor Agreement
IRI https://w3id.org/dpv#ControllerProcessorAgreement
Type rdfs:Class, skos:Concept, dpv:LegalMeasure
Broader/Parent types dpv:DataProcessingAgreementdpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition An agreement outlining conditions, criteria, obligations, responsibilities, and specifics for carrying out processing of data between a Data Controller and a Data Processor
Date Created 2022-01-26
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves, Paul Ryan, Julian Flake
See More: section TOM-LEGAL in DEX

Controller Uninformed

Term ControllerUninformed Prefix dpv
Label Controller Uninformed
IRI https://w3id.org/dpv#ControllerUninformed
Type rdfs:Class, skos:Concept, dpv:EntityInformedStatus
Broader/Parent types dpv:EntityUninformeddpv:EntityInformedStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating Controller is uninformed i.e. has not been informed about the specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Copy

Term Copy Prefix dpv
Label Copy
IRI https://w3id.org/dpv#Copy
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Processing
Object of relation dpv:hasProcessing
Definition to produce an exact reproduction of the data
Source SPECIAL Project
Related svpr:Copy
Date Created 2019-05-07
See More: section PROCESSING in DPV

Correcting Process

Term CorrectingProcess Prefix dpv
Label Correcting Process
IRI https://w3id.org/dpv#CorrectingProcess
Type rdfs:Class, skos:Concept, dpv:EntityPermissiveInvolvement
Broader/Parent types dpv:EntityPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity can correct the process of specified context
Usage Note Correction of process refers to the ability to change how the process takes place
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Correcting Process Input

Term CorrectingProcessInput Prefix dpv
Label Correcting Process Input
IRI https://w3id.org/dpv#CorrectingProcessInput
Type rdfs:Class, skos:Concept, dpv:EntityPermissiveInvolvement
Broader/Parent types dpv:EntityPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity can correct input of specified context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Correcting Process Output

Term CorrectingProcessOutput Prefix dpv
Label Correcting Process Output
IRI https://w3id.org/dpv#CorrectingProcessOutput
Type rdfs:Class, skos:Concept, dpv:EntityPermissiveInvolvement
Broader/Parent types dpv:EntityPermissiveInvolvementdpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity can correct the output of specified context
Usage Note Correction of outputs allows modification of the output - implying continuation of the process. This is distinct from reversing of outputs which revert the output back to its previous value and possibly imply not continuing with the process
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Counter Money Laundering

Term CounterMoneyLaundering Prefix dpv
Label Counter Money Laundering
IRI https://w3id.org/dpv#CounterMoneyLaundering
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:FraudPreventionAndDetectiondpv:MisusePreventionAndDetectiondpv:EnforceSecuritydpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with detection, prevention, and mitigation of mitigate money laundering
Date Created 2022-04-20
Contributors Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Counterterrorism

Term Counterterrorism Prefix dpv
Label Counterterrorism
IRI https://w3id.org/dpv#Counterterrorism
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:PublicBenefitdpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with activities that detect, prevent, mitigate, or otherwise perform activities to combat or eliminate terrorism (also referred to as anti-terrorism)
Date Created 2022-04-20
Date Modified 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Country

Term Country Prefix dpv
Label Country
IRI https://w3id.org/dpv#Country
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Location
Object of relation dpv:hasCountry, dpv:hasJurisdiction, dpv:hasLocation
Definition A political entity indicative of a sovereign or non-sovereign territorial state comprising of distinct geographical areas
Usage Note The definition of country is not intended for political interpretation. DPVCG welcomes alternate definitions based in existing sources with global scope, such as UN or ISO.
Date Created 2022-01-19
Contributors Harshvardhan J. Pandit, Georg P. Krog
See More: section CONTEXT-JURISDICTION in DPV

Credential Management

Term CredentialManagement Prefix dpv
Label Credential Management
IRI https://w3id.org/dpv#CredentialManagement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:AuthorisationProceduredpv:SecurityProceduredpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Management of credentials and their use in authorisations
Date Created 2022-06-15
Contributors Georg P. Krog
See More: section TOM-ORGANISATIONAL in DPV

Credit Checking

Term CreditChecking Prefix dpv
Label Credit Checking
IRI https://w3id.org/dpv#CreditChecking
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:CustomerSolvencyMonitoringdpv:CustomerManagementdpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with monitoring, performing, or assessing credit worthiness or solvency
Date Created 2022-04-20
Contributors Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Cross-Border Transfer

Term CrossBorderTransfer Prefix dpv
Label Cross-Border Transfer
IRI https://w3id.org/dpv#CrossBorderTransfer
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Transferdpv:Processing
Object of relation dpv:hasProcessing
Definition to move data from one jurisdiction (border) to another
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section PROCESSING in DPV

Cryptographic Authentication

Term CryptographicAuthentication Prefix dpv
Label Cryptographic Authentication
IRI https://w3id.org/dpv#CryptographicAuthentication
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:AuthenticationProtocolsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Broader/Parent types dpv:CryptographicMethodsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Use of cryptography for authentication
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Cryptographic Key Management

Term CryptographicKeyManagement Prefix dpv
Label Cryptographic Key Management
IRI https://w3id.org/dpv#CryptographicKeyManagement
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:CryptographicMethodsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Management of cryptographic keys, including their generation, storage, assessment, and safekeeping
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Cryptographic Methods

Term CryptographicMethods Prefix dpv
Label Cryptographic Methods
IRI https://w3id.org/dpv#CryptographicMethods
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Use of cryptographic methods to perform tasks
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Customer

Term Customer Prefix dpv
Label Customer
IRI https://w3id.org/dpv#Customer
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition Data subjects that purchase goods or services
Usage Note note: for B2B relations where customers are organisations, this concept only applies for data subjects
Date Created 2022-04-06
Contributors Harshvardhan J. Pandit, Georg P. Krog, Julian Flake, Paul Ryan, Beatriz Esteves
See More: section ENTITIES-DATASUBJECT in DPV

Customer Care

Term CustomerCare Prefix dpv
Label Customer Care
IRI https://w3id.org/dpv#CustomerCare
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:CustomerManagementdpv:Purpose
Object of relation dpv:hasPurpose
Definition Customer Care refers to purposes associated with purposes for providing assistance, resolving issues, ensuring satisfaction, etc. in relation to services provided
Related svpu:Feedback
Date Created 2019-04-05
Contributors Harshvardhan J. Pandit, Javier Fernández, Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Simon Steyskal
See More: section PURPOSES in DPV

Customer Claims Management

Term CustomerClaimsManagement Prefix dpv
Label Customer Claims Management
IRI https://w3id.org/dpv#CustomerClaimsManagement
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:CustomerManagementdpv:Purpose
Object of relation dpv:hasPurpose
Definition Customer Claims Management refers to purposes associated with managing claims, including repayment of monies owed
Source Belgian DPA ROPA Template
Date Created 2021-09-08
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Customer Management

Term CustomerManagement Prefix dpv
Label Customer Management
IRI https://w3id.org/dpv#CustomerManagement
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Purpose
Object of relation dpv:hasPurpose
Definition Customer Management refers to purposes associated with managing activities related with past, current, and future customers
Date Created 2021-09-08
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Customer Order Management

Term CustomerOrderManagement Prefix dpv
Label Customer Order Management
IRI https://w3id.org/dpv#CustomerOrderManagement
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:CustomerManagementdpv:Purpose
Object of relation dpv:hasPurpose
Definition Customer Order Management refers to purposes associated with managing customer orders i.e. processing of an order related to customer's purchase of good or services
Source Belgian DPA ROPA Template
Date Created 2021-09-08
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Customer Relationship Management

Term CustomerRelationshipManagement Prefix dpv
Label Customer Relationship Management
IRI https://w3id.org/dpv#CustomerRelationshipManagement
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:CustomerManagementdpv:Purpose
Object of relation dpv:hasPurpose
Definition Customer Relationship Management refers to purposes associated with managing and analysing interactions with past, current, and potential customers
Date Created 2021-09-08
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Customer Solvency Monitoring

Term CustomerSolvencyMonitoring Prefix dpv
Label Customer Solvency Monitoring
IRI https://w3id.org/dpv#CustomerSolvencyMonitoring
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:CustomerManagementdpv:Purpose
Object of relation dpv:hasPurpose
Definition Customer Solvency Monitoring refers to purposes associated with monitor solvency of customers for financial diligence
Source Belgian DPA ROPA Template
Date Created 2021-09-08
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Cybersecurity Assessment

Term CybersecurityAssessment Prefix dpv
Label Cybersecurity Assessment
IRI https://w3id.org/dpv#CybersecurityAssessment
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:SecurityAssessmentdpv:RiskAssessmentdpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasAssessment, dpv:hasOrganisationalMeasure, dpv:hasRiskAssessment, dpv:hasTechnicalOrganisationalMeasure
Definition Assessment of cybersecurity capabilities in terms of vulnerabilities and effectiveness of controls
Source ENISA 5G Cybersecurity Standards
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section RISK in DPV

Cybersecurity Training

Term CybersecurityTraining Prefix dpv
Label Cybersecurity Training
IRI https://w3id.org/dpv#CybersecurityTraining
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:StaffTrainingdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Training methods related to cybersecurity
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Damage

Term Damage Prefix dpv
Label Damage
IRI https://w3id.org/dpv#Damage
Type rdfs:Class, skos:Concept, dpv:Impact
Broader/Parent types dpv:Impactdpv:Consequence
Subject of relation dpv:hasImpactOn
Object of relation dpv:hasConsequence, dpv:hasImpact
Definition Impact that acts as or causes damages
Date Created 2022-03-30
Contributors Harshvardhan J. Pandit
See More: section RISK in DPV

Data

Term Data Prefix dpv
Label Data
IRI https://w3id.org/dpv#Data
Type rdfs:Class, skos:Concept
Object of relation dpv:hasData
Definition A broad concept representing 'data' or 'information'
Date Created 2022-01-19
Contributors Harshvardhan J. Pandit
See More: section PERSONAL-DATA in DPV

Data Altruism

Term DataAltruism Prefix dpv
Label Data Altruism
IRI https://w3id.org/dpv#DataAltruism
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:PublicBenefitdpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with the voluntary sharing of data for the general interest of the public, such as healthcare or combating climate change
Usage Note Data Altruism as a purpose should be combined with other purposes to indicate their altruistic interpretation or application. E.g. improving healthcare and data altruism in combination.
Source
Contributors Beatriz Esteves, Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Data Backup Protocols

Term DataBackupProtocols Prefix dpv
Label Data Backup Protocols
IRI https://w3id.org/dpv#DataBackupProtocols
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Protocols or plans for backing up of data
Date Created 2022-06-15
Contributors Georg P. Krog
See More: section TOM-TECHNICAL in DPV

Data Breach Impact Assessment (DBIA)

Term DataBreachImpactAssessment Prefix dpv
Label Data Breach Impact Assessment (DBIA)
IRI https://w3id.org/dpv#DataBreachImpactAssessment
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:RightsImpactAssessmentdpv:ImpactAssessmentdpv:RiskAssessmentdpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasAssessment, dpv:hasImpactAssessment, dpv:hasOrganisationalMeasure, dpv:hasRiskAssessment, dpv:hasTechnicalOrganisationalMeasure
Definition Impact Assessment concerning the consequences and impacts of a data breach
Usage Note Data Breach assessments can require additional non-security related assessments such as GDPR Art.34 Rights Impact Assessment
Date Created 2024-04-15
Contributors Harshvardhan J. Pandit
See More: section RISK in DPV

Data Breach Notification

Term DataBreachNotification Prefix dpv
Label Data Breach Notification
IRI https://w3id.org/dpv#DataBreachNotification
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:SecurityIncidentNotificationdpv:Notificationdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Notification of information about data breach(es) i.e. unauthorised transfer, access, use, or modification of data
Source DGA 12.k
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Breach Notice

Term DataBreachNotifice Prefix dpv
Label Data Breach Notice
IRI https://w3id.org/dpv#DataBreachNotifice
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:SecurityIncidentNoticedpv:Noticedpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasNotice, dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition A notice providing information about data breach(es) i.e. unauthorised transfer, access, use, or modification of data
Source DGA 12.k
Date Created 2024-04-14
Contributors Georg P. Krog, Paul Ryan, David Hickey, Beatriz Esteves, Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Breach Record

Term DataBreachRecord Prefix dpv
Label Data Breach Record
IRI https://w3id.org/dpv#DataBreachRecord
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:RecordsOfActivitiesdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasRecordOfActivity, dpv:hasTechnicalOrganisationalMeasure
Definition Record of a data breach incident
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Controller

Term DataController Prefix dpv
Label Data Controller
IRI https://w3id.org/dpv#DataController
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataController, dpv:hasEntity, dpv:hasRecipientDataController, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition The individual or organisation that decides (or controls) the purpose(s) of processing personal data.
Usage Note The terms 'Controller', 'Data Controller', and 'PII Controller' refer to the same concept
Source GDPR Art.4-7g
Date Created 2019-04-05
Date Modified 2020-11-04
Contributors Axel Polleres, Javier Fernández
See More: section ENTITIES-LEGALROLE in DEX

Data Controller Contract

Term DataControllerContract Prefix dpv
Label Data Controller Contract
IRI https://w3id.org/dpv#DataControllerContract
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:Contractdpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Creation, completion, fulfilment, or performance of a contract, with Data Controllers as parties being Joint Data Controllers, and involving specified processing
Date Created 2023-12-10
See More: section LEGAL-BASIS in DPV

Data Controller as Data Source

Term DataControllerDataSource Prefix dpv
Label Data Controller as Data Source
IRI https://w3id.org/dpv#DataControllerDataSource
Type rdfs:Class, skos:Concept, dpv:DataSource
Broader/Parent types dpv:DataSourcedpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasDataSource
Definition Data Sourced from Data Controller(s), e.g. a Controller inferring data or generating data
Date Created 2023-10-12
See More: section PROCESSING-CONTEXT in DPV

Data Deletion Policy

Term DataDeletionPolicy Prefix dpv
Label Data Deletion Policy
IRI https://w3id.org/dpv#DataDeletionPolicy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataProcessingPolicydpv:Policydpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasPolicy, dpv:hasTechnicalOrganisationalMeasure
Definition Policy regarding deletion of data
Usage Note Deletion and Erasure are distinct activities where deletion refers to logical removal of data with the possibility of retrieval whereas erasure refers to destruction of data such that it cannot be retrieved. See dpv:DataErasurePolicy
Date Created 2024-04-14
Contributors Georg P. Krog, Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Erasure Policy

Term DataErasurePolicy Prefix dpv
Label Data Erasure Policy
IRI https://w3id.org/dpv#DataErasurePolicy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataProcessingPolicydpv:Policydpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasPolicy, dpv:hasTechnicalOrganisationalMeasure
Definition Policy regarding erasure of data
Usage Note Erasure or data destruction or secure removal of data refers to irreversible erasure of data. See dpv:DataDeletion for reversible or logical deletion of data
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Exporter

Term DataExporter Prefix dpv
Label Data Exporter
IRI https://w3id.org/dpv#DataExporter
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataExporter, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition An entity that 'exports' data where exporting is considered a form of data transfer
Usage Note The term 'Data Exporter' is used by the EU-EDPB as the entity that transfer data across borders. While the EDPB refers to the jurisdictional border of EU, the term within DPV can be used to denote any 'export' or transfer or transmission of data and is thus a broader concept than the EDPB's definition.
Source EDPB Recommendations 01/2020 on Data Transfers
Date Created 2021-09-08
Contributors David Hickey, Georg P. Krog, Paul Ryan, Harshvardhan J. Pandit
See More: section ENTITIES-LEGALROLE in DPV

Data Governance

Term DataGovernance Prefix dpv
Label Data Governance
IRI https://w3id.org/dpv#DataGovernance
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasPurpose
Definition Measures associated with topics typically considered to be part of 'Data Governance'
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Importer

Term DataImporter Prefix dpv
Label Data Importer
IRI https://w3id.org/dpv#DataImporter
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Recipientdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataImporter, dpv:hasEntity, dpv:hasRecipient, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition An entity that 'imports' data where importing is considered a form of data transfer
Usage Note The term 'Data Importer' is used by the EU-EDPB as the entity that receives transferred data across borders. While the EDPB refers to the jurisdictional border of EU, the term within DPV can be used to denote any 'import' or reception of transfer or transmission of data and is thus a broader concept than the EDPB's definition.
Source EDPB Recommendations 01/2020 on Data Transfers
Date Created 2021-09-08
Contributors David Hickey, Georg P. Krog, Paul Ryan, Harshvardhan J. Pandit
See More: section ENTITIES-LEGALROLE in DPV

Data Interoperability Assessment

Term DataInteroperabilityAssessment Prefix dpv
Label Data Interoperability Assessment
IRI https://w3id.org/dpv#DataInteroperabilityAssessment
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Broader/Parent types dpv:DataInteroperabilityManagementdpv:DataGovernancedpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasAssessment, dpv:hasOrganisationalMeasure, dpv:hasPurpose, dpv:hasTechnicalOrganisationalMeasure
Definition Measures associated with assessment of data interoperability
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Interoperability Improvement

Term DataInteroperabilityImprovement Prefix dpv
Label Data Interoperability Improvement
IRI https://w3id.org/dpv#DataInteroperabilityImprovement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataInteroperabilityManagementdpv:DataGovernancedpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasPurpose
Definition Measures associated with improvement of data interoperability
Source
Date Created 2024-04-14
Contributors Beatriz Esteves, Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Interoperability Management

Term DataInteroperabilityManagement Prefix dpv
Label Data Interoperability Management
IRI https://w3id.org/dpv#DataInteroperabilityManagement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataGovernancedpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasPurpose
Definition Measures associated with management of data interoperablity
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Inventory Management

Term DataInventoryManagement Prefix dpv
Label Data Inventory Management
IRI https://w3id.org/dpv#DataInventoryManagement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataGovernancedpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasPurpose
Definition Measures associated with management of data inventory or a data asset list
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Jurisdiction Policy

Term DataJurisdictionPolicy Prefix dpv
Label Data Jurisdiction Policy
IRI https://w3id.org/dpv#DataJurisdictionPolicy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataProcessingPolicydpv:Policydpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasPolicy, dpv:hasTechnicalOrganisationalMeasure
Definition Policy specifying jurisdictional requirements for data processing
Usage Note Jurisdictional requirements can refer to data being stored within specific jurisdictions, or that data must be in line with jurisdictional laws and norms
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Literacy

Term DataLiteracy Prefix dpv
Label Data Literacy
IRI https://w3id.org/dpv#DataLiteracy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DigitalLiteracydpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Providing skills, knowledge, and understanding to enable reading, writing, analysing, reasoning, and communicating regarding data
Date Created 2024-05-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Processing Agreement

Term DataProcessingAgreement Prefix dpv
Label Data Processing Agreement
IRI https://w3id.org/dpv#DataProcessingAgreement
Type rdfs:Class, skos:Concept, dpv:LegalMeasure
Broader/Parent types dpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition An agreement outlining conditions, criteria, obligations, responsibilities, and specifics for carrying out processing of data
Usage Note For specific role-based data processing agreements, see concepts for Processors and JointDataController agreements.
Date Created 2022-01-26
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves, Paul Ryan, Julian Flake
See More: section TOM-LEGAL in DPV

Data Processing Policy

Term DataProcessingPolicy Prefix dpv
Label Data Processing Policy
IRI https://w3id.org/dpv#DataProcessingPolicy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Policydpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasPolicy, dpv:hasTechnicalOrganisationalMeasure
Definition Policy regarding data processing activities
Usage Note This only refers to the policy or plan or procedure describing how the data processing should be conducted. To represent the granular details, see further concepts e.g. dpv:DataStoragePolicy to describe policy regarding storage, or dpv:DataStorageCondition to represent information within the policy for how information should be stored
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Processing Record

Term DataProcessingRecord Prefix dpv
Label Data Processing Record
IRI https://w3id.org/dpv#DataProcessingRecord
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:RecordsOfActivitiesdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasRecordOfActivity, dpv:hasTechnicalOrganisationalMeasure
Definition Record of data processing, whether ex-ante or ex-post
Date Created 2021-09-08
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Processor

Term DataProcessor Prefix dpv
Label Data Processor
IRI https://w3id.org/dpv#DataProcessor
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Recipientdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataProcessor, dpv:hasEntity, dpv:hasRecipient, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition A ‘processor’ means a natural or legal person, public authority, agency or other body which processes data on behalf of the controller.
Source GDPR Art.4-8
Date Created 2019-06-04
Contributors Harshvardhan J. Pandit
See More: section ENTITIES-LEGALROLE in DEX

Data Processor Contract

Term DataProcessorContract Prefix dpv
Label Data Processor Contract
IRI https://w3id.org/dpv#DataProcessorContract
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:Contractdpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Creation, completion, fulfilment, or performance of a contract, with the Data Controller and Data Processor as parties, and involving specified processing
Date Created 2023-12-10
See More: section LEGAL-BASIS in DPV

Data Protection Authority

Term DataProtectionAuthority Prefix dpv
Label Data Protection Authority
IRI https://w3id.org/dpv#DataProtectionAuthority
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Authoritydpv:GovernmentalOrganisationdpv:Organisationdpv:LegalEntitydpv:Entity
Object of relation dpv:hasAuthority, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:hasSubsidiary, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor, dpv:isSubsidiaryOf
Definition An authority tasked with overseeing legal compliance regarding privacy and data protection laws.
Date Created 2020-11-04
Contributors Georg P. Krog, Paul Ryan, Harshvardhan J. Pandit
See More: section ENTITIES-AUTHORITY in DPV

Data Protection Officer

Term DataProtectionOfficer Prefix dpv
Label Data Protection Officer
IRI https://w3id.org/dpv#DataProtectionOfficer
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Representativedpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataProtectionOfficer, dpv:hasEntity, dpv:hasRepresentative, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition An entity within or authorised by an organisation to monitor internal compliance, inform and advise on data protection obligations and act as a contact point for data subjects and the supervisory authority.
Source GDPR Art.37
Date Created 2020-11-04
Date Modified 2021-12-08
Contributors Georg P. Krog, Paul Ryan
See More: section ENTITIES-LEGALROLE in DPV

Data Protection Training

Term DataProtectionTraining Prefix dpv
Label Data Protection Training
IRI https://w3id.org/dpv#DataProtectionTraining
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:StaffTrainingdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Training intended to increase knowledge regarding data protection
Source ENISA 5G Cybersecurity Standards
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data published by Data Subject

Term DataPublishedByDataSubject Prefix dpv
Label Data published by Data Subject
IRI https://w3id.org/dpv#DataPublishedByDataSubject
Type rdfs:Class, skos:Concept, dpv:DataSubjectDataSource
Broader/Parent types dpv:DataSubjectDataSourcedpv:DataSourcedpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasDataSource
Definition Data is published by the data subject
Usage Note This refers to where that data was made publicly available by the data subject. An example of this would be a social media profile that the data subject has made publicly accessible.
Date Created 2022-08-24
Date Modified 2023-12-10
Contributors Julian Flake
See More: section PROCESSING-CONTEXT in DPV

Data Quality Assessment

Term DataQualityAssessment Prefix dpv
Label Data Quality Assessment
IRI https://w3id.org/dpv#DataQualityAssessment
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Broader/Parent types dpv:DataQualityManagementdpv:DataGovernancedpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasAssessment, dpv:hasOrganisationalMeasure, dpv:hasPurpose, dpv:hasTechnicalOrganisationalMeasure
Definition Measures associated with assessment of data quality
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Quality Improvement

Term DataQualityImprovement Prefix dpv
Label Data Quality Improvement
IRI https://w3id.org/dpv#DataQualityImprovement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataQualityManagementdpv:DataGovernancedpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasPurpose
Definition Measures associated with improvement of data quality
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Quality Management

Term DataQualityManagement Prefix dpv
Label Data Quality Management
IRI https://w3id.org/dpv#DataQualityManagement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataGovernancedpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasPurpose
Definition Measures associated with management of data quality
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Redaction

Term DataRedaction Prefix dpv
Label Data Redaction
IRI https://w3id.org/dpv#DataRedaction
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:DataSanitisationTechniquedpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Removal of sensitive information from a data or document
Date Created 2020-10-01
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Data Restoration Policy

Term DataRestorationPolicy Prefix dpv
Label Data Restoration Policy
IRI https://w3id.org/dpv#DataRestorationPolicy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataProcessingPolicydpv:Policydpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasPolicy, dpv:hasTechnicalOrganisationalMeasure
Definition Policy regarding restoration of data
Usage Note Restoration can refer to how data is restored from a backup
Date Created 2024-04-14
Contributors Georg P. Krog, Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Reuse Policy

Term DataReusePolicy Prefix dpv
Label Data Reuse Policy
IRI https://w3id.org/dpv#DataReusePolicy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataProcessingPolicydpv:Policydpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasPolicy, dpv:hasTechnicalOrganisationalMeasure
Definition Policy regarding reuse of data i.e. using data for purposes other than its initial purpose
Usage Note This policy can be used to describe the procedures associated with undertaking such reuse of data, for example to assess its legality and the compatibility of the initial and subsequent purposes
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Sanitisation Technique

Term DataSanitisationTechnique Prefix dpv
Label Data Sanitisation Technique
IRI https://w3id.org/dpv#DataSanitisationTechnique
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Cleaning or any removal or re-organisation of elements in data based on selective criteria
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Data Security Management

Term DataSecurityManagement Prefix dpv
Label Data Security Management
IRI https://w3id.org/dpv#DataSecurityManagement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataGovernancedpv:OrganisationGovernancedpv:Purpose
Broader/Parent types dpv:SecurityProceduredpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasPurpose, dpv:hasTechnicalOrganisationalMeasure
Definition Measures associated with management of data security
Usage Note Examples of data security management are assessing the appropriate security controls such as encryption, testing the implemented security controls, and ensuring it is protected and safeguarded from unintended actions
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Source

Term DataSource Prefix dpv
Label Data Source
IRI https://w3id.org/dpv#DataSource
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasDataSource
Definition The source or origin of data
Usage Note Source' is the direct point of data collection; 'origin' would indicate the original/others points of where the data originates from.
Date Created 2020-11-04
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PROCESSING-CONTEXT in DEX

Data Storage Policy

Term DataStoragePolicy Prefix dpv
Label Data Storage Policy
IRI https://w3id.org/dpv#DataStoragePolicy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataProcessingPolicydpv:Policydpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasPolicy, dpv:hasTechnicalOrganisationalMeasure
Definition Policy regarding storage of data, including the manner, duration, location, and conditions for storage
Date Created 2024-04-14
Contributors Georg P. Krog, Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Subject

Term DataSubject Prefix dpv
Label Data Subject
IRI https://w3id.org/dpv#DataSubject
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition The individual (or category of individuals) whose personal data is being processed
Usage Note The term 'data subject' is specific to the GDPR, but is functionally equivalent to the term 'individual associated with data' and the ISO/IEC term 'PII Principle'
Source GDPR Art.4-1g
Date Created 2019-04-05
Date Modified 2020-11-04
Contributors Axel Polleres, Javier Fernández
See More: section ENTITIES-DATASUBJECT in DPV

Data Subject Contract

Term DataSubjectContract Prefix dpv
Label Data Subject Contract
IRI https://w3id.org/dpv#DataSubjectContract
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:Contractdpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Creation, completion, fulfilment, or performance of a contract, with the Data Controller and Data Subject as parties, and involving specified processing
Date Created 2023-12-10
See More: section LEGAL-BASIS in DPV

Data Subject as Data Source

Term DataSubjectDataSource Prefix dpv
Label Data Subject as Data Source
IRI https://w3id.org/dpv#DataSubjectDataSource
Type rdfs:Class, skos:Concept, dpv:DataSource
Broader/Parent types dpv:DataSourcedpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasDataSource
Definition Data Sourced from Data Subject(s), e.g. when data is collected via a form or observed from their activities
Date Created 2023-10-12
See More: section PROCESSING-CONTEXT in DPV

DataSubject Informed

Term DataSubjectInformed Prefix dpv
Label DataSubject Informed
IRI https://w3id.org/dpv#DataSubjectInformed
Type rdfs:Class, skos:Concept, dpv:EntityInformedStatus
Broader/Parent types dpv:EntityInformeddpv:EntityInformedStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating DataSubject has been informed about the specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Data Subject Right

Term DataSubjectRight Prefix dpv
Label Data Subject Right
IRI https://w3id.org/dpv#DataSubjectRight
Type rdfs:Class, skos:Concept, dpv:Right
Broader/Parent types dpv:Right
Object of relation dpv:hasRight
Definition The rights applicable or provided to a Data Subject
Usage Note Based on use of definitions, the notion of 'Data Subject Right' can be equivalent to 'Individual Right' or 'Right of a Person'
Date Created 2020-11-18
Contributors Beatriz Esteves, Georg P. Krog, Harshvardhan J. Pandit
See More: section RIGHTS in DPV

Data Subject Rights Management

Term DataSubjectRightsManagement Prefix dpv
Label Data Subject Rights Management
IRI https://w3id.org/dpv#DataSubjectRightsManagement
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:RightsManagementdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Methods to provide, implement, and exercise data subjects' rights
Usage Note This concept only concerns the organisational management of rights, and does not represent the rights themselves - especially where such 'rights' are legally recognised or defined for the data subject or individual. The concept dpv:DataSubjectRight is provided to represent such legal rights.
Source
Date Created 2024-04-14
Contributors Beatriz Esteves, Harshvardhan J. Pandit, Georg P. Krog
See More: section TOM-ORGANISATIONAL in DPV

Data Subject Scale

Term DataSubjectScale Prefix dpv
Label Data Subject Scale
IRI https://w3id.org/dpv#DataSubjectScale
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Scaledpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasDataSubjectScale, dpv:hasScale
Definition Scale of Data Subject(s)
Date Created 2022-06-15
Contributors Harshvardhan J. Pandit, Georg P. Krog, Rana Saniei
See More: section PROCESSING-SCALE in DPV

DataSubject Uninformed

Term DataSubjectUninformed Prefix dpv
Label DataSubject Uninformed
IRI https://w3id.org/dpv#DataSubjectUninformed
Type rdfs:Class, skos:Concept, dpv:EntityInformedStatus
Broader/Parent types dpv:EntityUninformeddpv:EntityInformedStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating DataSubject is uninformed i.e. has not been informed about the specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Data Sub-Processor

Term DataSubProcessor Prefix dpv
Label Data Sub-Processor
IRI https://w3id.org/dpv#DataSubProcessor
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:DataProcessordpv:Recipientdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataProcessor, dpv:hasEntity, dpv:hasRecipient, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition A 'sub-processor' is a processor engaged by another processor
Usage Note A 'Sub-Processor' is always a 'Processor' with the distinction of not directly being appointed by the 'Controller'
Date Created 2020-11-25
Contributors Harshvardhan J. Pandit
See More: section ENTITIES-LEGALROLE in DPV

Data Transfer Impact Assessment

Term DataTransferImpactAssessment Prefix dpv
Label Data Transfer Impact Assessment
IRI https://w3id.org/dpv#DataTransferImpactAssessment
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:ImpactAssessmentdpv:RiskAssessmentdpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasAssessment, dpv:hasImpactAssessment, dpv:hasOrganisationalMeasure, dpv:hasRiskAssessment, dpv:hasTechnicalOrganisationalMeasure
Definition Impact Assessment for conducting data transfers
Date Created 2021-09-08
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan
See More: section RISK in DPV

Data Transfer Legal Basis

Term DataTransferLegalBasis Prefix dpv
Label Data Transfer Legal Basis
IRI https://w3id.org/dpv#DataTransferLegalBasis
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:LegalBasis
Object of relation dpv:hasLegalBasis
Definition Specific or special categories and instances of legal basis intended for justifying data transfers
Date Created 2021-09-08
Contributors David Hickey, Georg P. Krog
See More: section LEGAL-BASIS in DPV

Data Transfer Notice

Term DataTransferNotice Prefix dpv
Label Data Transfer Notice
IRI https://w3id.org/dpv#DataTransferNotice
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Noticedpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasNotice, dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Notice for the legal entity for the transfer of its data
Source
Date Created 2024-04-14
Contributors Georg P. Krog, Paul Ryan, David Hickey, Beatriz Esteves, Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Transfer Record

Term DataTransferRecord Prefix dpv
Label Data Transfer Record
IRI https://w3id.org/dpv#DataTransferRecord
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:DataProcessingRecorddpv:RecordsOfActivitiesdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasRecordOfActivity, dpv:hasTechnicalOrganisationalMeasure
Definition Record of data transfer activities
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Data Volume

Term DataVolume Prefix dpv
Label Data Volume
IRI https://w3id.org/dpv#DataVolume
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Scaledpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasDataVolume, dpv:hasScale
Definition Volume or Scale of Data
Date Created 2022-06-15
Contributors Harshvardhan J. Pandit, Georg P. Krog, Rana Saniei
See More: section PROCESSING-SCALE in DPV

Decentralised Locations

Term DecentralisedLocations Prefix dpv
Label Decentralised Locations
IRI https://w3id.org/dpv#DecentralisedLocations
Type rdfs:Class, skos:Concept, dpv:LocationFixture
Broader/Parent types dpv:LocationFixture
Definition Location that is spread across multiple separate areas with no distinction between their importance
Date Created 2022-06-15
Date Modified 2020-10-05
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-JURISDICTION in DPV

Decision Making

Term DecisionMaking Prefix dpv
Label Decision Making
IRI https://w3id.org/dpv#DecisionMaking
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext
Definition Processing that involves decision making
Date Created 2022-09-07
Contributors Harshvardhan J. Pandit
See More: section PROCESSING-CONTEXT in DPV

De-Identification

Term Deidentification Prefix dpv
Label De-Identification
IRI https://w3id.org/dpv#Deidentification
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:DataSanitisationTechniquedpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Removal of identity or information to reduce identifiability
Source NISTIR 8053
Date Created 2019-04-05
Date Modified 2022-11-24
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-TECHNICAL in DPV

Delete

Term Delete Prefix dpv
Label Delete
IRI https://w3id.org/dpv#Delete
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Removedpv:Processing
Object of relation dpv:hasProcessing
Definition to remove data in a logical fashion i.e. with the possibility of retrieval
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section PROCESSING in DPV

Delivery of Goods

Term DeliveryOfGoods Prefix dpv
Label Delivery of Goods
IRI https://w3id.org/dpv#DeliveryOfGoods
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:RequestedServiceProvisiondpv:ServiceProvisiondpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with delivering goods and services requested or asked by consumer
Related svpu:Delivery
Date Created 2019-04-05
Contributors Harshvardhan J. Pandit, Javier Fernández, Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Simon Steyskal
See More: section PURPOSES in DPV

Derive

Term Derive Prefix dpv
Label Derive
IRI https://w3id.org/dpv#Derive
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Obtaindpv:Processing
Object of relation dpv:hasProcessing
Definition to create new derivative data from the original data
Usage Note Derive indicates data is present or obtainable from existing data. For data that is created without such existence, see Infer.
Source SPECIAL Project
Related svpr:Derive
Date Created 2019-05-07
See More: section PROCESSING in DEX

Derived Data

Term DerivedData Prefix dpv
Label Derived Data
IRI https://w3id.org/dpv#DerivedData
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Data
Object of relation dpv:hasData
Definition Data that has been obtained through derivations of other data
Date Created 2023-12-10
See More: section PERSONAL-DATA in DPV

Derived Personal Data

Term DerivedPersonalData Prefix dpv
Label Derived Personal Data
IRI https://w3id.org/dpv#DerivedPersonalData
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:DerivedDatadpv:Data
Broader/Parent types dpv:PersonalDatadpv:Data
Object of relation dpv:hasData, dpv:hasPersonalData
Definition Personal Data that is obtained or derived from other data
Usage Note Derived Data is data that is obtained through processing of existing data, e.g. deriving first name from full name. To indicate data that is derived but which was not present or evident within the source data, InferredPersonalData should be used.
Source DPVCG
Related svd:Derived
Date Created 2019-05-07
Date Modified 2023-12-10
Contributors Elmar Kiesling; Harshvardhan J. Pandit, Fajar Ekaputra
See More: section PERSONAL-DATA in DPV

Design Standard

Term DesignStandard Prefix dpv
Label Design Standard
IRI https://w3id.org/dpv#DesignStandard
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:GuidelinesPrincipledpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition A set of rules or guidelines outlining criterias for design
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-ORGANISATIONAL in DPV

Destruct

Term Destruct Prefix dpv
Label Destruct
IRI https://w3id.org/dpv#Destruct
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Removedpv:Processing
Object of relation dpv:hasProcessing
Definition to process data in a way it no longer exists or cannot be repaired
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Deterministic Pseudonymisation

Term DeterministicPseudonymisation Prefix dpv
Label Deterministic Pseudonymisation
IRI https://w3id.org/dpv#DeterministicPseudonymisation
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:Pseudonymisationdpv:Deidentificationdpv:DataSanitisationTechniquedpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Pseudonymisation achieved through a deterministic function
Source ENISA Data Pseudonymisation: Advanced Techniques and Use Cases
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Detriment

Term Detriment Prefix dpv
Label Detriment
IRI https://w3id.org/dpv#Detriment
Type rdfs:Class, skos:Concept, dpv:Impact
Broader/Parent types dpv:Impactdpv:Consequence
Subject of relation dpv:hasImpactOn
Object of relation dpv:hasConsequence, dpv:hasImpact
Definition Impact that acts as or causes detriments
Date Created 2022-03-23
Contributors Harshvardhan J. Pandit, Julian Flake, Georg P. Krog, Fajar Ekaputra, Beatriz Esteves
See More: section RISK in DPV

Differential Privacy

Term DifferentialPrivacy Prefix dpv
Label Differential Privacy
IRI https://w3id.org/dpv#DifferentialPrivacy
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:CryptographicMethodsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Utilisation of differential privacy where information is shared as patterns or groups to withhold individual elements
Source ENISA Data Protection Engineering
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Digital Literacy

Term DigitalLiteracy Prefix dpv
Label Digital Literacy
IRI https://w3id.org/dpv#DigitalLiteracy
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Providing skills, knowledge, and understanding to enable reading, writing, analysing, reasoning, and communicating regarding digital technologies and their implications
Date Created 2024-05-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Digital Rights Management

Term DigitalRightsManagement Prefix dpv
Label Digital Rights Management
IRI https://w3id.org/dpv#DigitalRightsManagement
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Management of access, use, and other operations associated with digital content
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Digital Signatures

Term DigitalSignatures Prefix dpv
Label Digital Signatures
IRI https://w3id.org/dpv#DigitalSignatures
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:CryptographicMethodsdpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Expression and authentication of identity through digital information containing cryptographic signatures
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Direct Marketing

Term DirectMarketing Prefix dpv
Label Direct Marketing
IRI https://w3id.org/dpv#DirectMarketing
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Marketingdpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with conducting direct marketing i.e. marketing communicated directly to the individual
Date Created 2020-11-04
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Disaster Recovery Procedures

Term DisasterRecoveryProcedures Prefix dpv
Label Disaster Recovery Procedures
IRI https://w3id.org/dpv#DisasterRecoveryProcedures
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:GovernanceProceduresdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Procedures related to management of disasters and recovery
Source ENISA 5G Cybersecurity Standards
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Disclose

Term Disclose Prefix dpv
Label Disclose
IRI https://w3id.org/dpv#Disclose
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Processing
Object of relation dpv:hasProcessing
Definition to make data known
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Disclose by Transmission

Term DiscloseByTransmission Prefix dpv
Label Disclose by Transmission
IRI https://w3id.org/dpv#DiscloseByTransmission
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Disclosedpv:Processing
Object of relation dpv:hasProcessing
Definition to disclose data by means of transmission
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Display

Term Display Prefix dpv
Label Display
IRI https://w3id.org/dpv#Display
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Disclosedpv:Processing
Object of relation dpv:hasProcessing
Definition to present or show data
Source
Date Created 2024-04-14
Contributors Beatriz Esteves
See More: section PROCESSING in DPV

Dispute Management

Term DisputeManagement Prefix dpv
Label Dispute Management
IRI https://w3id.org/dpv#DisputeManagement
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:OrganisationGovernancedpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with activities that manage disputes by natural persons, private bodies, or public authorities relevant to organisation
Source Belgian DPA ROPA Template
Date Created 2021-09-08
Contributors Georg P. Krog, Harshvardhan J. Pandit, Beatriz Esteves
See More: section PURPOSES in DPV

Disseminate

Term Disseminate Prefix dpv
Label Disseminate
IRI https://w3id.org/dpv#Disseminate
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Disclosedpv:Processing
Object of relation dpv:hasProcessing
Definition to spread data throughout
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Distributed System Security

Term DistributedSystemSecurity Prefix dpv
Label Distributed System Security
IRI https://w3id.org/dpv#DistributedSystemSecurity
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:SecurityMethoddpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Security implementations provided using or over a distributed system
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Document Randomised Pseudonymisation

Term DocumentRandomisedPseudonymisation Prefix dpv
Label Document Randomised Pseudonymisation
IRI https://w3id.org/dpv#DocumentRandomisedPseudonymisation
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:Pseudonymisationdpv:Deidentificationdpv:DataSanitisationTechniquedpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Use of randomised pseudonymisation where the same elements are assigned different values in the same document or database
Source ENISA Data Pseudonymisation: Advanced Techniques and Use Cases
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Document Security

Term DocumentSecurity Prefix dpv
Label Document Security
IRI https://w3id.org/dpv#DocumentSecurity
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:SecurityMethoddpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Security measures enacted over documents to protect against tampering or restrict access
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Download

Term Download Prefix dpv
Label Download
IRI https://w3id.org/dpv#Download
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Disclosedpv:Processing
Object of relation dpv:hasProcessing
Definition to provide a copy or to receive a copy of data over a network or internet
Source DGA 2.13
Date Created 2024-04-14
Contributors Beatriz Esteves
See More: section PROCESSING in DPV

Data Protection Impact Assessment (DPIA)

Term DPIA Prefix dpv
Label Data Protection Impact Assessment (DPIA)
IRI https://w3id.org/dpv#DPIA
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:RightsImpactAssessmentdpv:ImpactAssessmentdpv:RiskAssessmentdpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasAssessment, dpv:hasImpactAssessment, dpv:hasOrganisationalMeasure, dpv:hasRiskAssessment, dpv:hasTechnicalOrganisationalMeasure
Definition Impact assessment determining the potential and actual impact of processing activities on individuals or groups of individuals and taking into account the impacts of activities on their rights and freedoms
Usage Note Specific requirements and procedures for DPIA are defined in GDPR Art.35
Source
Date Created 2020-11-04
Date Modified 2024-04-14
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan
See More: section RISK in DPV

Duration

Term Duration Prefix dpv
Label Duration
IRI https://w3id.org/dpv#Duration
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Context
Object of relation dpv:hasContext, dpv:hasDuration
Definition The duration or temporal limitation
Date Created 2022-02-09
Contributors Harshvardhan J. Pandit
See More: section CONTEXT in DEX

Economic Union

Term EconomicUnion Prefix dpv
Label Economic Union
IRI https://w3id.org/dpv#EconomicUnion
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Location
Object of relation dpv:hasJurisdiction, dpv:hasLocation
Definition A political union of two or more countries based on economic or trade agreements
Date Created 2022-01-19
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-JURISDICTION in DPV

Educational Training

Term EducationalTraining Prefix dpv
Label Educational Training
IRI https://w3id.org/dpv#EducationalTraining
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:StaffTrainingdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Training methods that are intended to provide education on topic(s)
Source ENISA Reference Incident Classification Taxonomy 2018
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Effectiveness Determination Procedures

Term EffectivenessDeterminationProcedures Prefix dpv
Label Effectiveness Determination Procedures
IRI https://w3id.org/dpv#EffectivenessDeterminationProcedures
Type rdfs:Class, skos:Concept, dpv:OrganisationalMeasure
Broader/Parent types dpv:Assessmentdpv:OrganisationalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasAssessment, dpv:hasOrganisationalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Procedures intended to determine effectiveness of other measures
Source ENISA 5G Cybersecurity Standards
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-ORGANISATIONAL in DPV

Elderly Data Subject

Term ElderlyDataSubject Prefix dpv
Label Elderly Data Subject
IRI https://w3id.org/dpv#ElderlyDataSubject
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:VulnerableDataSubjectdpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition Data subjects that are considered elderly (i.e. based on age)
Date Created 2022-06-15
Contributors Georg P. Krog
See More: section ENTITIES-DATASUBJECT in DPV

Employee

Term Employee Prefix dpv
Label Employee
IRI https://w3id.org/dpv#Employee
Type rdfs:Class, skos:Concept, dpv:DataSubject
Broader/Parent types dpv:DataSubjectdpv:LegalEntitydpv:Entity
Object of relation dpv:hasDataSubject, dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition Data subjects that are employees
Date Created 2022-04-06
Contributors Harshvardhan J. Pandit, Georg P. Krog, Julian Flake, Paul Ryan, Beatriz Esteves
See More: section ENTITIES-DATASUBJECT in DPV

Encryption

Term Encryption Prefix dpv
Label Encryption
IRI https://w3id.org/dpv#Encryption
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Technical measures consisting of encryption
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-TECHNICAL in DEX

Encryption at Rest

Term EncryptionAtRest Prefix dpv
Label Encryption at Rest
IRI https://w3id.org/dpv#EncryptionAtRest
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:Encryptiondpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Encryption of data when being stored (persistent encryption)
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-TECHNICAL in DPV

Encryption in Transfer

Term EncryptionInTransfer Prefix dpv
Label Encryption in Transfer
IRI https://w3id.org/dpv#EncryptionInTransfer
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:Encryptiondpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Encryption of data in transit e.g. when being transferred from one location to another, including sharing
Date Created 2019-04-05
Contributors Axel Polleres, Rob Brennan, Harshvardhan J. Pandit, Mark Lizar
See More: section TOM-TECHNICAL in DPV

Encryption in Use

Term EncryptionInUse Prefix dpv
Label Encryption in Use
IRI https://w3id.org/dpv#EncryptionInUse
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:Encryptiondpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Encryption of data when it is being used
Date Created 2022-10-22
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Endless Duration

Term EndlessDuration Prefix dpv
Label Endless Duration
IRI https://w3id.org/dpv#EndlessDuration
Type rdfs:Class, skos:Concept, dpv:Duration
Broader/Parent types dpv:Durationdpv:Context
Object of relation dpv:hasContext, dpv:hasDuration
Definition Duration that is (known or intended to be) open ended or without an end
Date Created 2022-06-15
Date Modified 2020-10-05
Contributors Harshvardhan J. Pandit
See More: section CONTEXT in DPV

End-to-End Encryption (E2EE)

Term EndToEndEncryption Prefix dpv
Label End-to-End Encryption (E2EE)
IRI https://w3id.org/dpv#EndToEndEncryption
Type rdfs:Class, skos:Concept, dpv:TechnicalMeasure
Broader/Parent types dpv:Encryptiondpv:TechnicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasTechnicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Encrypted communications where data is encrypted by the sender and decrypted by the intended receiver to prevent access to any third party
Source ENISA Data Protection Engineering
Date Created 2022-08-17
Contributors Harshvardhan J. Pandit
See More: section TOM-TECHNICAL in DPV

Enforce Access Control

Term EnforceAccessControl Prefix dpv
Label Enforce Access Control
IRI https://w3id.org/dpv#EnforceAccessControl
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:EnforceSecuritydpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with conducting or enforcing access control as a form of security
Usage Note Was previously "Access Control". Prefixed to distinguish from Technical Measure.
Related svpu:Login
Date Created 2019-04-05
Contributors Harshvardhan J. Pandit, Javier Fernández, Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Simon Steyskal
See More: section PURPOSES in DPV

Enforce Security

Term EnforceSecurity Prefix dpv
Label Enforce Security
IRI https://w3id.org/dpv#EnforceSecurity
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with ensuring and enforcing security for data, personnel, or other related matters
Usage Note Was previous "Security". Prefixed to distinguish from TechOrg measures.
Date Created 2019-04-05
Contributors Harshvardhan J. Pandit, Javier Fernández, Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Simon Steyskal
See More: section PURPOSES in DPV

Enter Into Contract

Term EnterIntoContract Prefix dpv
Label Enter Into Contract
IRI https://w3id.org/dpv#EnterIntoContract
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:Contractdpv:LegalAgreementdpv:LegalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasLegalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Processing necessary to enter into contract
Date Created 2021-04-07
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan
See More: section LEGAL-BASIS in DPV

Entity

Term Entity Prefix dpv
Label Entity
IRI https://w3id.org/dpv#Entity
Type rdfs:Class, skos:Concept
Subject of relation dpv:hasAddress, dpv:hasContact, dpv:hasName, dpv:hasRelationWithDataSubject, dpv:hasRepresentative
Object of relation dpv:hasEntity, dpv:hasResponsibleEntity, dpv:isDeterminedByEntity, dpv:isImplementedByEntity, dpv:isIndicatedBy, dpv:isRepresentativeFor
Definition A human or non-human 'thing' that constitutes as an entity
Date Created 2022-02-02
Contributors Harshvardhan J. Pandit
See More: section ENTITIES in DEX

Entity Active Involvement

Term EntityActiveInvolvement Prefix dpv
Label Entity Active Involvement
IRI https://w3id.org/dpv#EntityActiveInvolvement
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasActiveEntity, dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement where entity is 'actively' involved
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Entity Informed

Term EntityInformed Prefix dpv
Label Entity Informed
IRI https://w3id.org/dpv#EntityInformed
Type rdfs:Class, skos:Concept, dpv:EntityInformedStatus
Broader/Parent types dpv:EntityInformedStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating entity has been informed about specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Entity Informed Status

Term EntityInformedStatus Prefix dpv
Label Entity Informed Status
IRI https://w3id.org/dpv#EntityInformedStatus
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating whether an entity is informed or uninformed about specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Entity Involvement

Term EntityInvolvement Prefix dpv
Label Entity Involvement
IRI https://w3id.org/dpv#EntityInvolvement
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement of an entity in specific context
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Entity Non-Involvement

Term EntityNonInvolvement Prefix dpv
Label Entity Non-Involvement
IRI https://w3id.org/dpv#EntityNonInvolvement
Type rdfs:Class, skos:Concept
Definition Indicating entity is not involved
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Entity Non-Permissive Involvement

Term EntityNonPermissiveInvolvement Prefix dpv
Label Entity Non-Permissive Involvement
IRI https://w3id.org/dpv#EntityNonPermissiveInvolvement
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement of an entity in specific context where it is not permitted or able to do something
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Entity Passive Involvement

Term EntityPassiveInvolvement Prefix dpv
Label Entity Passive Involvement
IRI https://w3id.org/dpv#EntityPassiveInvolvement
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement, dpv:hasPassiveEntity
Definition Involvement where entity is 'passively' or 'not actively' involved
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Entity Permissive Involvement

Term EntityPermissiveInvolvement Prefix dpv
Label Entity Permissive Involvement
IRI https://w3id.org/dpv#EntityPermissiveInvolvement
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:EntityInvolvementdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext, dpv:hasEntityInvolvement
Definition Involvement of an entity in specific context where it is permitted or able to do something
Date Created 2024-05-11
See More: section PROCESSING-CONTEXT in DPV

Entity Uninformed

Term EntityUninformed Prefix dpv
Label Entity Uninformed
IRI https://w3id.org/dpv#EntityUninformed
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:EntityInformedStatusdpv:Statusdpv:Context
Object of relation dpv:hasContext, dpv:hasInformedStatus, dpv:hasStatus
Definition Status indicating entity is uninformed i.e. has been not been informed about specified context
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Environmental Protection

Term EnvironmentalProtection Prefix dpv
Label Environmental Protection
IRI https://w3id.org/dpv#EnvironmentalProtection
Type rdfs:Class, skos:Concept, dpv:PhysicalMeasure
Broader/Parent types dpv:PhysicalMeasuredpv:TechnicalOrganisationalMeasure
Object of relation dpv:hasPhysicalMeasure, dpv:hasTechnicalOrganisationalMeasure
Definition Physical protection against environmental threats such as fire, floods, storms, etc.
Source
Date Created 2024-04-14
Contributors Harshvardhan J. Pandit
See More: section TOM-PHYSICAL in DPV

Erase

Term Erase Prefix dpv
Label Erase
IRI https://w3id.org/dpv#Erase
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Removedpv:Processing
Object of relation dpv:hasProcessing
Definition to remove data from existence i.e. without the possibility of retrieval
Source GDPR Art.4-2
Date Created 2019-05-07
See More: section PROCESSING in DPV

Establish Contractual Agreement

Term EstablishContractualAgreement Prefix dpv
Label Establish Contractual Agreement
IRI https://w3id.org/dpv#EstablishContractualAgreement
Type rdfs:Class, skos:Concept, dpv:Purpose
Broader/Parent types dpv:Purpose
Object of relation dpv:hasPurpose
Definition Purposes associated with carrying out data processing to establish an agreement, such as for entering into a contract
Date Created 2022-11-09
Contributors Georg P. Krog, Harshvardhan J. Pandit
See More: section PURPOSES in DPV

Evaluation of Individuals

Term EvaluationOfIndividuals Prefix dpv
Label Evaluation of Individuals
IRI https://w3id.org/dpv#EvaluationOfIndividuals
Type rdfs:Class, skos:Concept, dpv:EvaluationScoring
Broader/Parent types dpv:EvaluationScoringdpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext
Definition Processing that involves evaluation of individuals
Source GDPR Art.4-2
Date Created 2022-10-22
Date Modified 2022-11-30
Contributors Harshvardhan J. Pandit
See More: section PROCESSING-CONTEXT in DPV

Evaluation and Scoring

Term EvaluationScoring Prefix dpv
Label Evaluation and Scoring
IRI https://w3id.org/dpv#EvaluationScoring
Type rdfs:Class, skos:Concept
Broader/Parent types dpv:ProcessingContextdpv:Context
Object of relation dpv:hasContext
Definition Processing that involves evaluation and scoring of individuals
Source GDPR Art.4-2
Date Created 2020-11-04
Contributors Harshvardhan J. Pandit, Piero Bonatti
See More: section PROCESSING-CONTEXT in DPV

Expectation Status

Term ExpectationStatus Prefix dpv
Label Expectation Status
IRI https://w3id.org/dpv#ExpectationStatus
Type rdfs:Class, skos:Concept
Object of relation dpv:hasExpecation
Definition Status indicating whether the specified context was intended or unintended
Usage Note Expectation is associated with the outcome of a goal or purpose for what is expected to happen i.e. an ex-post indication of what was expected to happen in the specified context. Intention and Expectation are closely related terms. We recommend using Intention when the entity has the ability to control the implementation and Expectation for when the entity does not have control or for what happens after or beyond the exercise of control.
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Expected

Term Expected Prefix dpv
Label Expected
IRI https://w3id.org/dpv#Expected
Type rdfs:Class, skos:Concept, dpv:ExpectationStatus
Broader/Parent types dpv:ExpectationStatus
Object of relation dpv:hasExpecation
Definition Status indicating the specified context was expected
Date Created 2024-05-10
Contributors Harshvardhan J. Pandit, Delaram Golpayegani, Georg P. Krog, Paul Ryan
See More: section CONTEXT-STATUS in DPV

Explicitly Expressed Consent

Term ExplicitlyExpressedConsent Prefix dpv
Label Explicitly Expressed Consent
IRI https://w3id.org/dpv#ExplicitlyExpressedConsent
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:ExpressedConsentdpv:InformedConsentdpv:Consentdpv:LegalBasis
Object of relation dpv:hasLegalBasis
Definition Consent that is expressed through an explicit action solely conveying a consenting decision
Usage Note Explicitly expressed consent is a more specific form of Expressed consent where the action taken must 'explicitly' relate to only the consent decision. Expressed consent where the consenting is part of other matters therefore cannot satisfy the requirements of explicitly expressed consent. An example of explicit action expressing the consenting decision is a button on a web form where the form only relates to consent, or it is accompanied with suitable text that reiterates what the consenting decision is about
Date Created 2022-06-21
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-TYPES in DPV

Export

Term Export Prefix dpv
Label Export
IRI https://w3id.org/dpv#Export
Type rdfs:Class, skos:Concept, dpv:Processing
Broader/Parent types dpv:Disclosedpv:Processing
Object of relation dpv:hasProcessing
Definition to provide a copy of data from one system to another
Source
Date Created 2024-04-14
Contributors Beatriz Esteves
See More: section PROCESSING in DPV

Expressed Consent

Term ExpressedConsent Prefix dpv
Label Expressed Consent
IRI https://w3id.org/dpv#ExpressedConsent
Type rdfs:Class, skos:Concept, dpv:LegalBasis
Broader/Parent types dpv:InformedConsentdpv:Consentdpv:LegalBasis
Object of relation dpv:hasLegalBasis
Definition Consent that is expressed through an action intended to convey a consenting decision
Usage Note Expressed consent requires the individual take a specific and unambigious action that directly indicates their consent. This action may be a part of other processes such as setting preferences, or agreeing to a contract, or other matters not relating to consent. An example of expressed consent is interacting with a checkbox within a dashboard or clicking a button on a web form
Date Created 2022-06-21
Contributors Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan, Julian Flake
See More: section LEGAL-BASIS-CONSENT-TYPES in DPV

Federated Locations

Term FederatedLocations Prefix dpv
Label Federated Locations
IRI https://w3id.org/dpv#FederatedLocations
Type rdfs:Class, skos:Concept, dpv:LocationFixture
Broader/Parent types dpv:LocationFixture
Definition Location that is federated across multiple separate areas with designation of a primary or central location
Date Created 2022-06-15
Date Modified 2020-10-05
Contributors Harshvardhan J. Pandit
See More: section CONTEXT-JURISDICTION in DPV

Fee

Term Fee Prefix dpv
Label Fee
IRI https://w3id.org/dpv#Fee
Type rdfs:Class, skos:Concept, dpv:Impact
Broader/Parent typ