Sensitive data is a special category of personal data under the GDPR.
The following types of information fall under this definition:
As a Data controller, you must meet the following conditions in order to process sensitive data:
For more details we recommend reading this article prepared by the European Commission.
What’s more, such data requires special protection from unauthorized access to ensure that the privacy and security of both individuals and companies is properly guarded. You can read about this here.