All data that can lead to your identification is personal data and its processing needs to follow the rules of the GDPR. We cover all types of personal data here. Basically, any information about an individual is personal data. However, not all these data can actually lead to the unique identification of an individual – and this is, in essence, how personal data is defined under the GDPR. For example, if you only have the name and gender of a person you might not be able to identify them, especially in the case of very common names. The IP address is another controversial topic in the GDPR, as it can sometimes lead to the identification of a person. As common sense, you should probably pay attention to all data regarding an individual and make sure any processing is GDPR compliant. Guessing that he or she will not be identified only based on their name is not good practice and can subject you to some serious fines. Remember, once you have the consent of an individual to use their data, you are responsible for anything that happens with it.