Oh, I see. Indeed anonymised data should be fine under GDPR. However it is often very difficult to anonymise data. Some things are easy to anonymise, other are very complex.
For a small company who does not mainly work with data, the easiest solution to comply with GDPR is indeed just deleting the data altogether.
Yes, there a concept of “pseudonymous” data in some of the guidance, which refers to anonymous data which, when taken together, could identify the person - even if some of that data is not held by the data controller. Under those circumstances seemingly anonymous data can fall under the regulation although most companies are very unlikely to consider such nuance in their data policies.
Oh, I see. Indeed anonymised data should be fine under GDPR. However it is often very difficult to anonymise data. Some things are easy to anonymise, other are very complex.
For a small company who does not mainly work with data, the easiest solution to comply with GDPR is indeed just deleting the data altogether.
Yes, there a concept of “pseudonymous” data in some of the guidance, which refers to anonymous data which, when taken together, could identify the person - even if some of that data is not held by the data controller. Under those circumstances seemingly anonymous data can fall under the regulation although most companies are very unlikely to consider such nuance in their data policies.