DPV's terms are defined using abstract semantic notions Concept and Relation derived from SKOS concepts and semantic relations respectively. The use of relations is bounded using hasDomain and hasRange. This is to permit its interpretation in various semantic expressions, such as a vocabulary (collection of concepts), or as ontologies in OWL2 or RDFS or something else. The DPV Family of Documents provides an overview of such semantic interpretations provided by the DPVCG.
-The 'Base' or 'Core' concepts in DPV represent the most relevant concepts for representing information regarding the what, how, where, who, why of personal data and its processing. Each of these concepts is further elaborated as a taxonomy of concepts in a hierarchical fashion. The DPV provides the following as 'top-level' concepts and relations to associate them with other concepts:
-Class | -Property | -Description | -|||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
[=Concept=] | -[=Relation=] | -Semantics of Concepts and Relationships | -|||||||||||||||||||||||||||||||||
Concept | +Relevant Section | +|
[=PersonalData=] | -[=hasPersonalData=] | -Personal data categories | -
link | +||
[=Purpose=] | [=hasPurpose=] | -Purpose of Processing | -
[=Processing=] | [=hasProcessing=] | -Category or type of processing of personal data | -
[=DataController=] | [=hasDataController=] | -Data Controller responsible for processing | -
[=DataSubject=] | [=hasDataSubject=] | -Data Subject or Individual whose data is being processing | -
[=Recipient=] | [=hasRecipient=] | -Recipient of personal data | -
[=TechnicalOrganisationalMeasure=] | [=hasTechnicalOrganisationalMeasure=] | -Technical and/or Organisational measures associated with processing | -
[=LegalBasis=] | [=hasLegalBasis=] | -Legal bases or justifications for processing | -
[=Right=] | [=hasRight=] | -Rights applicable or provided | -
[=Risk=] | [=hasRisk=] | -Risks applicable or probable regarding processing | -
[=PersonalDataHandling=] | [=hasPersonalDataHandling=] | -A concept for associating the other core concepts as a 'group, 'policy', or 'set' - so as to express different use-cases and combinations | -
DPV provides taxonomies for all core concepts except the ones specified below:
+DPV provides taxonomies for all core concepts except the ones specified below:
+The rest of the document expands on the core concepts through the following taxonomies.
PersonalDataHandling
with other concepts, including like itself.Right
represents a generic rights provided or recognised by some law or convention. The relation hasRight provides the relation to associate a Right
with concepts.. In addition, DataSubjectRight refers to rights specifically available to applicable for Data Subjects.Further to these, there are separate extensions that provide additional concepts. These are:
+DPV distinguishes between Entity and Legal Entity based on the use of roles defined legally or within legal norms. To support this, DPV first provides a taxonomy of entities (see below), and then specialises them for Legal Roles (e.g. [=DataController=] and [=DataSubject=]). Further sections provide taxonomies for Organisations, Authorities, and Data Subjects.
{% if entities_classes %}Legal Role is the role taken on by a legal entity based on definitions or criterias from laws, regulations, or other such normative sources. Legal roles assist in representing the role and responsibility of an entity within the context of processing, and from this to determine the requirements and obligations that should apply, and their compliance or conformance.
{% if entities_legalrole_classes %}