United Kingdom Personal Data Categories For Processing Schedules
Personal Data Category | Sensitivity Level | Example Data Items | Additional Safeguards Needed | Schedule Notes |
|---|---|---|---|---|
Identity Data | ||||
Names and personal identifiers | Low | Full name, preferred name, title, customer ID | No | Describe common identifiers used to administer the service. |
Contact Data | ||||
Contact details | Low | Email address, phone number, postal address | No | List business and personal contact channels separately if relevant. |
Identity Data | ||||
Account credentials | High | Username, password hash, MFA secret, security answers | Yes | Specify hashing, access controls and incident notification expectations. |
Usage Data | ||||
Authentication and access logs | Medium | Login times, IP address, failed login attempts, session ID | Sometimes | Note monitoring, retention period and security purpose. |
Identity Data, Contact Data, Other | ||||
Customer account profile data | Medium | Profile photo, preferences, account settings, organisation name | Sometimes | Identify whether profile content is user-generated or imported. |
Financial Data, Other | ||||
Transaction and order data | Medium | Order history, invoice number, purchase amount, delivery status | Sometimes | Separate payment card data from general transaction records. |
Financial Data | ||||
Payment card data | High | PAN, expiry date, cardholder name, tokenised card reference | Yes | State if full card details are processed or only tokens. |
Bank account details | High | Sort code, account number, IBAN, account holder name | Yes | Include fraud controls, restricted access and retention limits. |
Financial Data, Contact Data | ||||
Billing and invoicing details | Medium | Billing address, VAT details, invoice contact, payment status | Sometimes | Identify accounting, tax and debt recovery purposes if applicable. |
Financial Data | ||||
Credit and affordability data | High | Credit score, income, debts, repayment history | Yes | State if credit reference agency data is processed. |
Employment Data | ||||
Employment records | Medium | Job title, start date, manager, work location | Sometimes | Describe HR administration and workforce management use. |
Employment Data, Identity Data, Contact Data | ||||
Recruitment and applicant data | Medium | CV, application form, interview notes, references | Sometimes | Note if equality, health or background checks are included. |
Employment Data, Financial Data | ||||
Payroll data | High | Salary, tax code, NI number, deductions, payslip data | Yes | Include payroll provider, HMRC reporting and strict access limits. |
Identity Data, Employment Data, Financial Data | ||||
National Insurance numbers | High | National Insurance number and related payroll records | Yes | Treat as a high-value identifier and restrict disclosure. |
Financial Data, Employment Data | ||||
Tax records | High | Tax code, UTR, P45, P60, benefits in kind | Yes | Identify statutory reporting and retention obligations. |
Employment Data, Financial Data | ||||
Pension and benefits data | High | Pension contributions, beneficiary details, benefits elections | Yes | Note scheme administrators and beneficiary data flows. |
Employment Data, Special Category Data | ||||
Sickness and absence records | High | Fit notes, absence reason, occupational health recommendations | Yes | Flag health data and state limited HR access. |
Special Category Data, Employment Data | ||||
Occupational health data | High | Medical assessment, adjustments, fitness for work report | Yes | Keep clinical details separate from HR management records. |
Contact Data, Other | ||||
Emergency contact data | Medium | Next of kin name, relationship, phone number, address | Sometimes | Note data about non-user third parties. |
Employment Data | ||||
Performance and appraisal data | Medium | Objectives, ratings, feedback, disciplinary notes | Sometimes | Clarify whether monitoring or automated scoring is used. |
Employment Data, Other | ||||
Disciplinary and grievance records | High | Complaint, investigation notes, warnings, outcome letters | Yes | Flag if allegations include criminal or special category data. |
Identity Data, Employment Data | ||||
Right to work data | High | Passport copy, visa status, share code, work permit | Yes | State document verification, retention and restricted access controls. |
Identity Data | ||||
Passport and identity document data | High | Passport number, driving licence, ID card, scanned copy | Yes | Avoid unnecessary copies and specify verification purpose. |
Identity Data, Employment Data | ||||
Immigration and visa status data | High | Visa type, expiry date, share code, settled status result | Yes | Include lawful work checking and status update handling. |
Criminal Offence Data, Employment Data | ||||
DBS and criminal records check data | High | DBS certificate number, conviction details, barred list result | Yes | Identify Article 10 data and relevant DPA 2018 condition. |
Criminal Offence Data, Employment Data, Other | ||||
Allegations and internal investigation data | High | Witness statements, alleged misconduct, investigation evidence | Yes | Flag potential criminal offence data even before findings. |
Special Category Data | ||||
Health and medical data | High | Diagnosis, treatment notes, prescriptions, medical history | Yes | Identify Article 9 condition and health confidentiality controls. |
Mental health data | High | Counselling notes, stress assessments, mental health diagnosis | Yes | Use narrow wording and enhanced access restrictions. |
Special Category Data, Employment Data | ||||
Disability and reasonable adjustments data | High | Disability status, adjustment request, accessibility needs | Yes | Separate adjustment outcome from detailed medical evidence. |
Special Category Data, Identity Data | ||||
Biometric data for identification | High | Fingerprint template, facial recognition template, voiceprint | Yes | State if used for uniquely identifying a person. |
Identity Data, Other | ||||
Images used for non-biometric purposes | Medium | Profile photo, ID badge image, event photo | Sometimes | Clarify that no biometric identification template is created. |
Special Category Data | ||||
Genetic data | High | DNA profile, genetic test result, inherited condition marker | Yes | Use only if the processor actually handles genetic information. |
Racial or ethnic origin data | High | Ethnicity monitoring form, diversity survey response | Yes | Usually include equality monitoring purpose and aggregation controls. |
Religion or philosophical belief data | High | Religious affiliation, belief declaration, faith-based request | Yes | Specify if collected for accommodations or equality monitoring. |
Political opinions data | High | Political affiliation, campaign preference, survey response | Yes | Avoid unless expressly required by the service. |
Special Category Data, Employment Data | ||||
Trade union membership data | High | Union membership, subscription deduction, union representative role | Yes | Flag payroll deductions or employee relations use. |
Special Category Data | ||||
Sex life or sexual orientation data | High | Sexual orientation survey response, relationship context, support notes | Yes | Use narrow wording and avoid unnecessary free-text collection. |
Identity Data, Contact Data, Other | ||||
Children’s personal data | High | Child name, age, school, parent contact, learning records | Yes | State age range, parental controls and child-specific protections. |
Education and student records | Medium | Attendance, grades, learning support, pupil ID | Sometimes | Flag children’s data and any health or safeguarding content. |
Special Category Data, Criminal Offence Data, Other | ||||
Safeguarding and welfare records | High | Concern report, welfare notes, referral details, risk indicators | Yes | Identify strict access, escalation and retention rules. |
Usage Data, Other | ||||
Location data | High | GPS coordinates, cell tower data, delivery location, geofence event | Yes | Distinguish precise tracking from coarse location data. |
Usage Data, Identity Data | ||||
IP addresses and online identifiers | Medium | IP address, cookie ID, device ID, advertising ID | Sometimes | Mention cookies, analytics and security logging where relevant. |
Usage Data | ||||
Cookie and tracking data | Medium | Cookie ID, pixel event, consent signal, browsing segment | Sometimes | Note PECR relevance and consent management responsibilities. |
Website analytics data | Low | Page views, referrer, user journey, device type | Sometimes | State if data is aggregated, pseudonymised or user-level. |
Device and browser data | Low | Device model, OS, browser version, screen size | No | Note if combined with identifiers for profiling. |
Contact Data, Other | ||||
Communications content | Medium | Emails, messages, chat transcripts, call notes | Sometimes | Flag free-text fields that may contain sensitive data. |
Usage Data, Other | ||||
Call recordings and voice data | Medium | Recorded calls, voicemail, call metadata, speaker voice | Sometimes | Clarify recording purpose, retention and transcription use. |
Contact Data, Usage Data, Other | ||||
Customer support records | Medium | Ticket history, support messages, screenshots, troubleshooting logs | Sometimes | Warn that attachments may include unexpected sensitive data. |
Contact Data, Usage Data | ||||
Marketing preference data | Low | Opt-in status, unsubscribe record, channel preference, campaign history | Sometimes | Record consent, suppression lists and PECR responsibilities. |
Usage Data, Other | ||||
Behavioural profiling data | High | Predicted interests, risk score, propensity model, segment | Yes | Flag profiling and any automated decision-making. |
Usage Data, Financial Data, Employment Data, Other | ||||
Automated decision-making data | High | Eligibility score, fraud score, ranking output, decision reason | Yes | Describe human review, contestation and model input categories. |
Other, Usage Data | ||||
AI prompts and generated outputs | High | Prompt text, uploaded documents, model output, feedback rating | Yes | State if prompts may include confidential or special category data. |
Other | ||||
User-uploaded documents and files | High | Contracts, forms, images, spreadsheets, supporting evidence | Yes | Treat as variable-risk data and restrict processing purposes. |
Free-text notes and comments | Medium | Internal notes, comments, descriptions, case updates | Sometimes | Warn users not to enter unnecessary sensitive data. |
Identity Data, Other | ||||
CCTV and video footage | Medium | Surveillance footage, timestamp, camera location, incident clip | Sometimes | State surveillance purpose, retention and disclosure controls. |
Identity Data, Usage Data | ||||
Physical access and visitor logs | Medium | Entry time, badge ID, visitor name, host, access zone | Sometimes | Clarify if used for security monitoring or attendance. |
Usage Data, Employment Data, Other | ||||
Vehicle and telematics data | High | Vehicle location, speed, driving behaviour, route history | Yes | Describe tracking granularity and worker monitoring limits. |
Identity Data, Usage Data, Contact Data | ||||
Social media identifiers and activity | Medium | Handle, profile URL, posts, engagement, direct messages | Sometimes | Flag if social listening or screening is included. |
Contact Data, Identity Data | ||||
Supplier and business contact data | Low | Business name, work email, role, phone number | No | Keep separate from consumer or employee datasets if helpful. |
Identity Data, Contact Data, Financial Data | ||||
Shareholder and investor data | Medium | Shareholding, investor contact, dividend payment, register entry | Sometimes | Identify statutory register and payment processing elements. |
Other, Special Category Data, Criminal Offence Data | ||||
Legal matter and claims data | High | Claim file, evidence, legal advice, settlement history | Yes | Flag privilege, litigation purpose and variable sensitive content. |
Financial Data, Special Category Data, Other | ||||
Insurance policy and claims data | High | Policy details, claim history, injury details, beneficiaries | Yes | Separate routine policy data from health or claims evidence. |
Criminal Offence Data, Usage Data, Financial Data, Other | ||||
Fraud prevention and security risk data | High | Fraud flags, device fingerprint, suspicious transaction, watchlist match | Yes | Identify fraud checks, data sharing and false positive controls. |
Identity Data, Financial Data, Criminal Offence Data | ||||
KYC and anti-money laundering data | High | ID check, sanctions result, PEP status, source of funds | Yes | State screening providers, retention and restricted disclosure. |
Sanctions and politically exposed person screening data | High | Sanctions match, PEP status, adverse media result, screening score | Yes | Describe match review process and audit trail. |
Special Category Data, Financial Data, Other | ||||
Customer vulnerability data | High | Health vulnerability, financial difficulty, bereavement, support need | Yes | Use narrow labels and limit access to support teams. |
Contact Data, Other, Financial Data | ||||
Complaint and dispute data | Medium | Complaint narrative, resolution notes, refund details, evidence | Sometimes | Flag if complaints may include health, vulnerability or offence data. |
Identity Data | ||||
Age and date of birth data | Medium | Date of birth, age band, age verification result | Sometimes | Higher risk when used for children or identity verification. |
Identity Data, Special Category Data | ||||
Gender, title and pronoun data | Medium | Gender, title, pronouns, gender identity information | Sometimes | Flag if data reveals sensitive identity or equality information. |
Other, Contact Data | ||||
Family and relationship data | Medium | Marital status, dependants, family contacts, household members | Sometimes | Consider third-party notices and special category overlap. |
Usage Data, Financial Data, Other | ||||
Household and utility usage data | Medium | Meter readings, energy use, occupancy indicators, tariff data | Sometimes | Flag if data can reveal occupancy patterns or vulnerability. |
Contact Data, Financial Data, Other | ||||
Property and tenancy data | Medium | Tenancy agreement, rent payment, property address, guarantor details | Sometimes | Identify landlord, agent, tenant and guarantor data flows. |
Travel and booking data | Medium | Itinerary, passport detail, booking reference, special assistance request | Sometimes | Flag passport, health or accessibility data if included. |
Identity Data, Contact Data, Usage Data, Financial Data | ||||
Loyalty and rewards data | Medium | Membership number, points balance, redemption history, preferences | Sometimes | Mention profiling or direct marketing if used. |
Contact Data, Usage Data, Other | ||||
Survey and feedback data | Medium | Sometimes | State if anonymous, pseudonymous or linked to users. | |
Usage Data, Contact Data, Other | ||||
Consent and permissions records | Medium | Consent timestamp, consent wording, withdrawal, preference setting | Sometimes | Record evidence of consent and withdrawal handling. |
Identity Data, Contact Data, Other | ||||
Data subject request records | Medium | DSAR request, identity verification, response log, exemption note | Sometimes | Clarify processor assistance with UK GDPR rights requests. |
Other, Usage Data, Identity Data | ||||
Security incident and breach records | High | Incident report, affected records, log evidence, notification status | Yes | Include breach cooperation, evidence preservation and rapid notice. |
Usage Data, Identity Data | ||||
System audit logs | Medium | User ID, action taken, timestamp, record accessed | Sometimes | State audit purpose, retention and privileged access controls. |
Other | ||||
Pseudonymised datasets | Medium | User key, tokenised ID, coded research record, hashed email | Sometimes | Explain who holds the re-identification key. |
Aggregated or anonymised outputs | Low | Aggregate report, statistics, anonymised trend data | Sometimes | State anonymisation standard and re-identification restrictions. |
Identity Data, Contact Data, Special Category Data, Other | ||||
Research participant data | High | Participant ID, consent form, study data, interview transcript | Yes | Describe pseudonymisation, ethics controls and reuse limits. |
Special Category Data, Identity Data, Other | ||||
Clinical trial data | High | Trial ID, medical observations, adverse events, consent records | Yes | Specify sponsor, site, processor and coded data handling. |
Employment Data, Usage Data | ||||
Workplace monitoring data | High | Productivity metrics, screenshots, keystroke logs, monitoring alerts | Yes | State monitoring scope, transparency and impact assessment controls. |
Usage Data, Contact Data, Employment Data | ||||
Email and calendar metadata | Medium | Sender, recipient, subject line, meeting title, timestamp | Metadata may reveal sensitive patterns or confidential relationships. | |
Employment Data, Contact Data, Identity Data | ||||
Staff directory and organisation chart data | Low | Name, role, team, work email, reporting line | No | Note if externally visible or synced to third-party tools. |
Employment Data, Identity Data | ||||
Professional qualifications and training data | Low | Certification, licence number, training record, CPD status | No | State if verification with professional bodies is included. |
Identity Data, Contact Data, Financial Data, Other | ||||
Beneficiary and dependant data | Medium | Beneficiary name, relationship, contact details, allocation percentage | Sometimes | Note third-party personal data collected from employees or customers. |
Employment Data, Special Category Data, Other | ||||
Health and safety incident data | High | Accident report, injury details, witness names, RIDDOR reference | Yes | Separate injury details from safety administration records. |
Contact Data, Financial Data, Other | ||||
Donor and fundraising data | Medium | Donation history, Gift Aid declaration, supporter preferences | Sometimes | Include direct marketing, Gift Aid and suppression list use. |
Identity Data, Contact Data, Financial Data, Other | ||||
Membership records | Medium | Member number, subscription status, membership tier, renewal date | Sometimes | Flag if membership reveals political, union or religious views. |
Identity Data, Contact Data, Other | ||||
Event registration and attendance data | Low | Attendee name, ticket, dietary request, attendance status | Sometimes | Dietary or accessibility requests may reveal sensitive data. |
Special Category Data, Other | ||||
Dietary and accessibility request data | Medium | Allergy, dietary restriction, mobility need, assistance request | Sometimes | May imply health or religion collect only necessary detail. |
Usage Data, Other | ||||
IoT and smart device data | Medium | Sensor reading, device status, usage event, home automation log | Sometimes | Flag household inference, location or health-related data. |
Other | ||||
Backup and archive data | High | Database backup, file archive, disaster recovery copy | Yes | Describe encryption, restoration access and deletion timing. |
What Personal Data Categories Should A UK Data Processing Schedule Identify?
A UK data processing schedule should separate routine categories such as identity, contact, employment, usage and financial data from higher-risk categories such as health data, biometric identifiers, criminal offence data, children’s data and government identifiers. This helps show the processor’s instructions, security measures and sub-processing limits are proportionate to the data being handled.
Which Categories Need Extra Safeguards In A UK DPA?
Special category data under UK GDPR Article 9, such as health, racial or ethnic origin, political opinions, religion, trade union membership, genetic data, biometric data for identification, sex life and sexual orientation, normally needs enhanced safeguards. Criminal offence data under UK GDPR Article 10 and Data Protection Act 2018 safeguards should also be identified separately. Schedules should describe these categories narrowly and avoid broad wording such as all sensitive data.
How Should Data Categories Be Drafted In A Processing Schedule?
- Use practical labels such as payroll data, customer support records, device identifiers or employee sickness records, rather than only legal labels.
- Flag categories that may include special category or criminal offence data, even if processed only occasionally.
- State examples of data items, because a vague category can make Article 28 processor obligations harder to evidence.
- For high-risk categories, align the schedule with access controls, encryption, audit logging, retention limits and any UK international transfer safeguards.

FAQs
You Might Also Be Interested In



