Skip links

Term: Sensitive Personal Data

Sensitive Personal Data is information of a sensitive nature that, if compromised, could cause harm or damage to an individual. This can include health information, information on a person’s race, ethnic origin, sexual orientation, or political opinion, as well as Social Security numbers and financial information.

What Is Sensitive Personal Data?

According to Recital 51 of the GDPR “Personal data which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms.”

Sensitive Personal Data is a specific set of “special categories” that must be treated with extra security. These categories includes: Racial or ethnic origin; Political opinions; Sexual orientation; Religious or philosophical beliefs; Trade union membership; Genetic data; and Biometric data (where processed to uniquely identify someone). 

How is sensitive personal data different from personal data?

The major difference between personal and sensitive personal data is how it’s processed and stored.

Due to the potential harm that may be caused if sensitive data is exposed, it requires a higher level of protection. This includes highly confidential information that can be devastating if mishandled.

« Back to Glossary Index