When uploading content to Dragonfly AI, it is your responsibility as the data controller to be aware of and abide by any applicable privacy laws (e.g. GDPR) and ensure that any Personal Identifiable Information (PII) is handled appropriately.
If at any point you are unsure regarding any restrictions or regulations that may apply, we recommend you seek advice from your designated Data Protection Officer (DPO).
For more information on the GDPR please visit the ICO website.
What does it mean if you are a data controller?
Controllers shoulder the highest level of compliance responsibility – you must comply with, and demonstrate compliance with, all the data protection principles as well as the other GDPR requirements. You are also responsible for the compliance of your processor(s).
What is personal data?
The GDPR applies to the processing of personal data that is:
wholly or partly by automated means; or
the processing other than by automated means of personal data which forms part of, or is intended to form part of, a filing system.
Personal data only includes information relating to natural persons who:
can be identified or who are identifiable, directly from the information in question; or
who can be indirectly identified from that information in combination with other information.
What are identifiers and related factors?
An individual is ‘identified’ or ‘identifiable’ if you can distinguish them from other individuals.
A name is perhaps the most common means of identifying someone. However whether any potential identifier actually identifies an individual depends on the context.
A combination of identifiers may be needed to identify an individual.
The UK GDPR provides a non-exhaustive list of identifiers, including:
location data; and
an online identifier.
‘Online identifiers’ includes IP addresses and cookie identifiers which may be personal data.
Other factors can identify an individual.
For additional help or assistance please contact [email protected] or any member of the Dragonfly AI team.