Data about you can be used in a multitude of ways

Organisations do not just collect personal data. They also want to use the data. We call this processing. An organisation may only process personal data if they have aspecific purpose.  

Find out more about personal data and its usage by organisations below.  


Anything you do with personal data is called processing. In order to process personal data, an organisation needs to have a specific goal.

‘Processing’ is any process in which personal data are processed or used. You can think of collecting or storing data. Updating, arranging, deleting, distributing or other forms of making available are also processing operations.

An example of processing is receiving of application forms and CVs from new employees. Anonymising personal data is also a processing, because it is a form of erasing or destroying personal data.

In PrivacyLabel we distinguish a couple of purpose categories. If you want to know exactly what the processing goals of an organisation are, you can take a look in its privacy statement.

Privacy Label  distinguishs the following categories of purposes for data usage:
Human resources
- Financial administration
- Legal
- Providing goods and services
Marketing, sales and customer relations
- Health and medicine
- Authorization management
- Security and surveillance
- Academic research
Crime and national security
- Fraud detection and prevention



Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.


Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.