Children – personal data about individuals under the age of 18. Children’s data have additional protections under the UK GDPR and the Children’s code.
Customers or prospective customers – information about those that use a company’s services or have enquired about their services. For example, a retailer could hold a database of individuals that have used their services or browsed their products.
Employees – information collected about members of staff within an organisation. This could include financial information and special category data, depending on the information collected.
Multiple – where more than one type of individuals’ data is potentially involved in a breach.
Patients – individuals that have used medical services. This could be for physical or mental health problems, dental services or other treatments. This data is likely to contain special category data.
Students – children or adults that are studying at an educational facility, such as a school, college or university.
Subscribers – individuals that have signed up for a regular service, such as newsletters or products. These people may or may not also be customers, depending on the services they have signed up for.
Users – individuals that use a service, such as a social media platform or forum. Users have signed up but are not purchasing a product or receiving a regular service.
Vulnerable adults – adults that have additional needs or are otherwise disadvantaged leaving them in a vulnerable position. This could be due to disability, mental illness, abuse, or other issues that may require additional safeguards.