In the case of pseudonymization, the name or another identification feature is replaced by a pseudonym (usually a multi-digit combination of letters or numbers) in order to exclude or make it significantly more difficult to establish the identity of the data subject. The identity is concealed - the processing of the data is pseudonymized and therefore without precise information. However, the stored data can be assigned in the background and can be subsequently assigned by an authorized person. Pseudonymized according to Art 4 GDPR: is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person. Pseudonymization is always identity obfuscation. Data is retractable and thus indirectly determinable information, but tracing is more difficult. Processing such data leads to fewer legal consequences and should therefore always be the premise. Tracing, i.e., identity concealment, may only be carried out by authorized persons, and the number of such authorized persons must be small in accordance with the purpose.
Back to the glossary