Data subjects are individuals whose personal data is collected, used, and processed by an organization. Data subject classification enables organizations to define and manage distinct groups, enabling a granular and context-specific representation of data processing activities.

Data subjects are a newly introduced dynamic table designed to support the structured definition and classification of multiple data subject groups. It enables you to create and manage distinct data subject groups based on relevant organizational, operational, or regulatory criteria. Each group can be associated with specific geographical locations to reflect regional data handling requirements and obligations.

For each data subject type, you can now record their location, the volume of data subjects involved, and the associated information objects being collected. Collected data elements for each group can also be specified to provide clear visibility into the types of data being processed. This approach facilitates a more realistic and detailed representation of data processing activities within the organization. It also supports scalability and adaptability as data processing operations evolve or expand over time.

The Privacy Management application provides 64 data subject types by default. Any user with at least the privacy manager role can see the data subject types.

Benefits of using data subject types

• Improved transparency: Facilitates a better understanding of data processed within the processing activities whose data is collected or processed.
• Enhanced risk management: Supports the identification of high-risk (vulnerable) data subject types such as children, patients, and so on by enabling configuration of vulnerable groups.
• Operational efficiency: Enables standardized classification and reuse of data subject groups across multiple privacy workflows.