Ready for GDPR? Understanding Personal and Sensitive Data

Ready for GDPR? Understanding Personal and Sensitive Data
Prepare for GDPR

The European Union (EU) will implement the General Data Protection Regulations (GDPR) on May 25, 2018. The EU believes the protection of natural persons in relation to the processing of personal data is a fundamental right and EU residents/citizens must consent to the transfer of this information before information can be transferred.

The European Union has also differentiated between personal data and sensitive data:

Personal data is considered any information relating to an individual whether it relates to private, professional, or public life. Examples are name, address, school identification number, photo, email address, etc. 

Sensitive data includes racial or ethnic origin, political opinions, social security number, genetic data, etc.

Under GDPR, EU residents/citizens must consent to the transfer of all personal and/or sensitive data before information is transferred. Fines for transferring without consent can be as high as 20 million euros or four percent of revenue – whichever is higher.

Deletion of Data No Longer Needed

Please review information on your computer/laptop before May 25, 2018, to delete any personal and/or sensitive data information on EU residents/citizens that is no longer needed.


  • Webster's updated student privacy notice can be found here
  • The GDPR regulations are now available on Webster's GDPR website, where you can also find overview and frequently asked questions about the regulation.
  • After reviewing those resources, if you have questions about GDPR implementation at Webster, contact Margie Muthukumaru, Greg Malone or Jeanelle Wiley.

Related News