Put simply, personal data is information that relates to 1. an identified or identifiable person or 2. an identified or identifiable legal entity (where such information is protected similarly as personal data under applicable data protection laws and regulations). While regulations use different terms with slightly varying definitions, “personal data,” “personal information,” and “personally identifiable information (PII)” are often used interchangeably. Since there are various data privacy and protection laws that define how you can collect and handle an individual’s data, it’s crucial that you understand what information you need to safeguard as well as your compliance responsibilities. In the rest of this post, we’ll help you do just that by guiding you through the regulatory landscape for collecting personal data. What does personal data mean for the GDPR? The GDPR defines personal data as follows: “Personal data” means any information relating to an identified or identifiable natural person (“data.