# What is personal data?

Personal data is defined by the [World Health Organization](https://apps.who.int/iris/bitstream/handle/10665/341374/WHO-EURO-2021-1994-41749-57154-eng.pdf) as ‘information relating to an identified or identifiable natural person’.

Personal data can be used to identify an individual either directly or indirectly. Directly identifiable data might include a person’s name, application log-in information, or social security number. Indirectly identifiable information is data that, when combined with other information, could identify an individual, for example geolocation, IP address or physical address. Figure 1 sets out the characteristics of personal and sensitive data often collected and shared about people.

![Figure 1: Types of Data About Us](https://598840926-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlEwI17OEvGRpPYrTqO%2Fuploads%2FfRvsaCuG9ITYP72MollC%2FODI-Types-of-Data-About-Us-graphic-20190916.png?alt=media\&token=78368f8a-72af-45ae-93f0-eea1f59a19e7)