Lars Galow (Management, Information Security Officer)

Christoph Wilken (Consultant)

Thorsten Kamp (Officer, Deputy Information Security Officer)

Visitor address

Ecological Centre ÖCO, 3rd floor Uhlhornsweg 99a 26129 Oldenburg

Postal address

Carl von Ossietzky Universität Oldenburg 
Stabsstelle Datenschutz- und Informationssicherheitsmanagement
Ammerländer Heerstr. 114-118
26129 Oldenburg


"Processing" within the meaning of the GDPR

The term "processing" includes

  • collection,
  • the recording,
  • organisation,
  • structuring,
  • storage,
  • adaptation or modification,
  • retrieval,
  • consultation,
  • the use,
  • disclosure by transmission, dissemination,
  • distribution or any other form of making available,
  • the alignment or combination,
  • the restriction,
  • the erasure or destruction

of data.

In the following, the different individual acts will be defined in more detail, but they cannot always be completely distinguished from each other.

  • Collection
    Data Collection is generally understood to mean obtaining data from the data subject. An "active action" (i.e. taking action) by the person responsible is necessary.
  • Recording
    The term "recording" refers to the fixing of data on a data carrier. As soon as the data has been fixed, it is considered to be "stored".
  • Organisation
    This refers to the structuring of stored data.
  • Structuring
    Subcategory of organisation: As a rule, data is ordered in order to facilitate readout and retrieval. (E.G.: Moving a file to a folder; filing a document in a file).
  • Storage
    The storage of data or the associated retention of data. The "other side" of deletion and destruction.
  • Adaption or alternation
    This is the replacement of an already stored date with another date.
  • Retrieval
    This is a process by which a recorded date is specifically noted - "retrieved".
  • Consultation
    This refers to a process by which a data carrier is searched for specific criteria in order to then take note of the "consultation result".
  • Use
    This can include almost any processing operation where the date is already known. For example, the analysis of research data is a "use" or, in relation to an e-mail, the sending of an e-mail also constitutes the use of the personal data.
  • Disclosure
    This refers to a process by which a third party is given knowledge or the opportunity to gain knowledge. Through disclosure, the data is duplicated and the number of persons with knowledge is increased.
    • Transmission (subcategory of disclosure) This refers to disclosure to (previously) individually determined addressees.
    • Dissemination This refers to disclosure to an undefined group of addressees (e.g. publication on the Internet).
    • Other form of making available (subset of disclosure) This is a so-called "catch-all" situation; e.g. making available for inspection.
  • Alignment or combination
    This refers to the allocation of several separately stored data. This is a through-stage to retrieval.
  • Restriction
    This is the marking of stored personal data with the aim of restricting their future processing.
  • Erasure
    Erasure is the removal of stored data from all data carriers under the control of the data controller in such a way that it can no longer be read.
  • Destruction
    This is the process of destroying the data carrier on which the date is stored so that the date can no longer be read. (e.g. shredding of paper files).


Internetkoordinator (Changed: 29 May 2024)  | 
Zum Seitananfang scrollen Scroll to the top of the page