The General Data Protection Regulation (GDPR) is a European law governing the use of consent and personal data. Some of its obligations involve concepts related to the lifecycles of consent and personal data. Such obligations are concerned with how the collection, use, processing, sharing, and storing of consent and personal data take place and provide the motivation for a form of documentation that can demonstrate the required information towards compliance. GDPRov is an OWL2 ontology for representing this information as provenance metadata using terms relevant to the GDPR. It extends PROV-O and P-Plan to represent the lifecycles as an abstract model of how things should happen or will happen (future) as well as instances of what has happened (past). The ontology is being developed as part of contributions towards PhD research by its primary author.
2017-08-01 http://purl.org/adaptcentre/people/dave_lewis http://purl.org/adaptcentre/people/harshvardhan_pandit
GDPRov is an OWL2 ontology to express provenance metadata of consent and data lifecycles towards documenting compliance for GDPR.
https://creativecommons.org/licenses/by/4.0/ 2018-04-06 The GDPR Provenance ontology gdprov http://purl.org/adaptcentre/openscience/ontologies/gdprov#
GDPRov is an ontology for expressing provenance metadata in the context of the General Data Protection Regulation (GDPR) and its compliance. It extends PROV-O and P-Plan. PROV-O is the ontology based on the PROV model, a W3C recommendation, while P-Plan is an extension of PROV-O. PROV is used to define terms or 'instances' of what has happened in the past, while P-Plan is used to define the abstract model or 'Plan' of things to happen. GDPRov uses P-Plan to create a template/model/plan as an abstract or model representation of a system which is then recorded using PROV-O instances to show something has happened.
The aim of the ontology is to enable representation of consent and personal data lifecycles using terms relevant to GDPR and to facilitate expression of this information towards documentation related to compliance. https://openscience.adaptcentre.ie/ontologies/gdprov/v/gdprov.0.6.owl 0.6 Classify prov-o terms into three categories, including 'starting-point', 'qualified', and 'extended'. This classification is used by the prov-o html document to gently introduce prov-o terms to its users. Classify prov-o terms into six components according to prov-dm, including 'agents-responsibility', 'alternate', 'annotations', 'collections', 'derivations', and 'entities-activities'. This classification is used so that readers of prov-o specification can find its correspondence with the prov-dm specification. A reference to the principal section of the PROV-CONSTRAINTS document that describes this concept. A definition quoted from PROV-DM or PROV-CONSTRAINTS that describes the concept expressed with this OWL term. A reference to the principal section of the PROV-DM document that describes this concept. A note by the OWL development team about how this term expresses the PROV-DM concept, or how it should be used in context of semantic web or linked data. When the prov-o term does not have a definition drawn from prov-dm, and the prov-o editor provides one. PROV-O does not define all property inverses. The directionalities defined in PROV-O should be given preference over those not defined. However, if users wish to name the inverse of a PROV-O property, the local name given by prov:inverse should be used. A reference to the principal section of the PROV-DM document that describes this concept. The position that this OWL term should be listed within documentation. The scope of the documentation (e.g., among all terms, among terms within a prov:category, among properties applying to a particular class, etc.) is unspecified.
This annotation property links a subproperty of prov:wasInfluencedBy with the subclass of prov:Influence and the qualifying property that are used to qualify it. Example annotation: prov:wasGeneratedBy prov:qualifiedForm prov:qualifiedGeneration, prov:Generation . Then this unqualified assertion: :entity1 prov:wasGeneratedBy :activity1 . can be qualified by adding: :entity1 prov:qualifiedGeneration :entity1Gen . :entity1Gen a prov:Generation, prov:Influence; prov:activity :activity1; :customValue 1337 . Note how the value of the unqualified influence (prov:wasGeneratedBy :activity1) is mirrored as the value of the prov:activity (or prov:entity, or prov:agent) property on the influence class. Classes and properties used to qualify relationships are annotated with prov:unqualifiedForm to indicate the property used to assert an unqualified provenance relation. anonymity level true Archives the consent into some entity archives consent as Links data obtained (collected) by the step/activity that acquired it collectsData Indicates that a DataAnonymisationStep transforms a Data object into AnonymisedData generatesAnonymisedData Generates ConsentAgreement which is the consent granted by the user based on the ConsentAgreementTemplate through a ConsentAcquisitionStep generatesConsentAgreement produces data generatesData Indicates the anonymity level of an AnonymisedData object using instances of the AnonymityLevel class hasAnonymityLevel hasLegalBasis has legal justification true hasSharedDataWith isAnonymisedByStep isConsentAgreementTemplateForStep isDataCollectedByStep isDataGeneratedByStep isGeneratedByStep isJustificationForDataStep justifies use of data by step through specified consent agreement isJustifiedUsingConsentAgreement isPartOfProcess isTermsAndConditionsForStep isUsedByStep Indicates sharing of Data through a DataStep sharesData sharesDataWith Shares data with a third party sharesDataWithThirdParty true transferredDataToRegion transfersDataToRegion uses
Consent Agreement entity uses Consent Agreement links a Consent Acquisition Step with the Consent Agreement Template used to acquire consent usesConsentAgreementTemplate links step with data used usesData Links a Consent Acquisition Step with the Terms and Conditions presented to the user when acquiring Consent usesTermsAndConditions correspondsToStep p-plan:correspondsToStep links a p-plan:Activity to its planned p-plan:Step correspondsToVariable p-plan:correspondsToVariable binds a p-plan:Entity (used by a p-plan:Activity in the execution of a plan) to the p-plan:Variable it represented in the p-plan:Plan. hasInputVar p-plan:hasInputVar binds a p-plan:Step to the p-plan:Variable that it takes as input for the planned execution hasOutputVar p-plan:hasOutputVar binds a p-plan:Step to the p-plan:Variable that will be produced as output in the planned execution isDecomposedAsPlan The p-plan:isDecomposedAsPlan relationship binds a p-plan:MultiStep to the p-plan:Plan holding the definition of that step. That is, p-plan:isDecomposedAsPlan links the MultiStep to the Plan specification where it is decomposed. isInputVarOf p-plan:isInputVarOf links an input variable of a step to the step. isOutputVarOf p-plan:isOutputVarOf is intended to link an output variable of a step to the step. Property that asserts which Step precedes the current one. isPrecededBy isStepOfPlan p-plan:isStepOfPlan links a p-plan:Step to the p-plan:Plan which it corresponds to. isSubPlanOfPlan A p-plan:Plan may be a subplan of another bigger p-plan:Plan. p-plan:isSubPlanOfPlan is used to state the link among the two different plans. Note that if p1 is a p-plan:subPlan of p2, p1 will not necessarily be a step of p2. A multistep will represent p1 in p2, and link to p1 with the p-plan.hasStepDecomposition relationship. isVariableofPlan p-plan:IsVariableOfPlan binds a p-plan:Variable to the p-plan:Plan it corresponds to. An object property to express the accountability of an agent towards another agent.
The subordinate agent acted on behalf of the responsible agent in an actual activity. actedOnBehalfOf starting-point agents-responsibility hadDelegate activity qualified This property behaves in spirit like rdf:object; it references the object of a prov:wasInfluencedBy triple. The prov:activity property references a prov:Activity which influenced a resource. This property applies to a prov:ActivityInfluence, which is given by a subproperty of prov:qualifiedInfluence from the influenced prov:Entity, prov:Activity or prov:Agent. activityOfInfluence agent qualified This property behaves in spirit like rdf:object; it references the object of a prov:wasInfluencedBy triple. The prov:agent property references a prov:Agent which influenced a resource. This property applies to a prov:AgentInfluence, which is given by a subproperty of prov:qualifiedInfluence from the influenced prov:Entity, prov:Activity or prov:Agent. agentOfInfluence alternateOf expanded alternate http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig Two alternate entities present aspects of the same thing. These aspects may be the same or different, and the alternate entities may or may not overlap in time. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-alternate alternateOf http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-alternate The Location of any resource. This property has multiple RDFS domains to suit multiple OWL Profiles. See PROV-O OWL Profile. atLocation expanded The naming of prov:atLocation parallels prov:atTime, and is not named prov:hadLocation to avoid conflicting with the convention that prov:had* properties are used on prov:Influence classes. This property is not functional because the many values could be at a variety of granularities (In this building, in this room, in that chair). locationOf entity qualified This property behaves in spirit like rdf:object; it references the object of a prov:wasInfluencedBy triple.
The prov:entity property references a prov:Entity which influenced a resource. This property applies to a prov:EntityInfluence, which is given by a subproperty of prov:qualifiedInfluence from the influenced prov:Entity, prov:Activity or prov:Agent. entityOfInfluence generated expanded entities-activities prov:generated is one of the few inverse properties defined, to allow Activity-oriented assertions in addition to Entity-oriented assertions. wasGeneratedBy The _optional_ Activity of an Influence, which used, generated, invalidated, or was the responsibility of some Entity. This property is _not_ used by ActivityInfluence (use prov:activity instead). This property has multiple RDFS domains to suit multiple OWL Profiles. See PROV-O OWL Profile. hadActivity qualified derivations The multiple rdfs:domain assertions are intended. One is simpler and works for OWL-RL, the union is more specific but is not recognized by OWL-RL. wasActivityOfInfluence The _optional_ Generation involved in an Entity's Derivation. hadGeneration qualified derivations generatedAsDerivation hadMember expanded expanded wasMemberOf A collection is an entity that provides a structure to some constituents, which are themselves entities. These constituents are said to be member of the collections. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-collection The _optional_ Plan adopted by an Agent in Association with some Activity. Plan specifications are out of the scope of this specification. hadPlan qualified agents-responsibility wasPlanOf hadPrimarySource expanded derivations wasPrimarySourceOf hadPrimarySource property is a particular case of wasDerivedFrom (see http://www.w3.org/TR/prov-dm/#term-original-source) that aims to give credit to the source that originated some information. The _optional_ Role that an Entity assumed in the context of an Activity.
For example, :baking prov:used :spoon; prov:qualifiedUsage [ a prov:Usage; prov:entity :spoon; prov:hadRole roles:mixing_implement ]. This property has multiple RDFS domains to suit multiple OWL Profiles. See PROV-O OWL Profile. hadRole qualified agents-responsibility prov:hadRole references the Role (i.e. the function of an entity with respect to an activity), in the context of an instantaneous usage, generation, association, start, and end. wasRoleIn The _optional_ Usage involved in an Entity's Derivation. hadUsage qualified derivations wasUsedInDerivation influenced expanded agents-responsibility wasInfluencedBy Subproperties of prov:influencer are used to cite the object of an unqualified PROV-O triple whose predicate is a subproperty of prov:wasInfluencedBy (e.g. prov:used, prov:wasGeneratedBy). prov:influencer is used much like rdf:object is used. influencer qualified http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-influence This property and its subproperties are used in the same way as the rdf:object property, i.e. to reference the object of an unqualified prov:wasInfluencedBy or prov:influenced triple. This property is used as part of the qualified influence pattern. Subclasses of prov:Influence use these subproperties to reference the resource (Entity, Agent, or Activity) whose influence is being qualified. hadInfluence invalidated expanded entities-activities prov:invalidated is one of the few inverse properties defined, to allow Activity-oriented assertions in addition to Entity-oriented assertions. wasInvalidatedBy If this Activity prov:wasAssociatedWith Agent :ag, then it can qualify the Association using prov:qualifiedAssociation [ a prov:Association; prov:agent :ag; :foo :bar ]. qualifiedAssociation qualified agents-responsibility qualifiedAssociationOf If this Entity prov:wasAttributedTo Agent :ag, then it can qualify how it was influenced using prov:qualifiedAttribution [ a prov:Attribution; prov:agent :ag; :foo :bar ].
qualifiedAttribution qualified agents-responsibility qualifiedAttributionOf If this Activity prov:wasInformedBy Activity :a, then it can qualify how it was influenced using prov:qualifiedCommunication [ a prov:Communication; prov:activity :a; :foo :bar ]. qualifiedCommunication qualified entities-activities qualifiedCommunicationOf If this Agent prov:actedOnBehalfOf Agent :ag, then it can qualify how with prov:qualifiedDelegation [ a prov:Delegation; prov:agent :ag; :foo :bar ]. qualifiedDelegation qualified agents-responsibility qualifiedDelegationOf If this Entity prov:wasDerivedFrom Entity :e, then it can qualify how it was derived using prov:qualifiedDerivation [ a prov:Derivation; prov:entity :e; :foo :bar ]. qualifiedDerivation qualified derivations qualifiedDerivationOf If this Activity prov:wasEndedBy Entity :e1, then it can qualify how it was ended using prov:qualifiedEnd [ a prov:End; prov:entity :e1; :foo :bar ]. qualifiedEnd qualified entities-activities qualifiedEndOf If this Activity prov:generated Entity :e, then it can qualify how it performed the Generation using prov:qualifiedGeneration [ a prov:Generation; prov:entity :e; :foo :bar ]. qualifiedGeneration qualified entities-activities qualifiedGenerationOf Because prov:qualifiedInfluence is a broad relation, the more specific relations (qualifiedCommunication, qualifiedDelegation, qualifiedEnd, etc.) should be used when applicable. qualifiedInfluence qualified derivations qualifiedInfluenceOf If this Entity prov:wasInvalidatedBy Activity :a, then it can qualify how it was invalidated using prov:qualifiedInvalidation [ a prov:Invalidation; prov:activity :a; :foo :bar ]. qualifiedInvalidation qualified entities-activities qualifiedInvalidationOf If this Entity prov:hadPrimarySource Entity :e, then it can qualify how using prov:qualifiedPrimarySource [ a prov:PrimarySource; prov:entity :e; :foo :bar ].
qualifiedPrimarySource qualified derivations qualifiedSourceOf If this Entity prov:wasQuotedFrom Entity :e, then it can qualify how using prov:qualifiedQuotation [ a prov:Quotation; prov:entity :e; :foo :bar ]. qualifiedQuotation qualified derivations qualifiedQuotationOf If this Entity prov:wasRevisionOf Entity :e, then it can qualify how it was revised using prov:qualifiedRevision [ a prov:Revision; prov:entity :e; :foo :bar ]. qualifiedRevision qualified derivations revisedEntity If this Activity prov:wasStartedBy Entity :e1, then it can qualify how it was started using prov:qualifiedStart [ a prov:Start; prov:entity :e1; :foo :bar ]. qualifiedStart qualified entities-activities qualifiedStartOf If this Activity prov:used Entity :e, then it can qualify how it used it using prov:qualifiedUsage [ a prov:Usage; prov:entity :e; :foo :bar ]. qualifiedUsage qualified entities-activities qualifiedUsingActivity A prov:Entity that was used by this prov:Activity. For example, :baking prov:used :spoon, :egg, :oven . used starting-point entities-activities wasUsedBy A prov:Agent that had some (unspecified) responsibility for the occurrence of this prov:Activity. wasAssociatedWith starting-point agents-responsibility wasAssociateFor Attribution is the ascribing of an entity to an agent. wasAttributedTo starting-point agents-responsibility Attribution is the ascribing of an entity to an agent. contributed Attribution is a particular case of trace (see http://www.w3.org/TR/prov-dm/#concept-trace), in the sense that it links an entity to the agent that ascribed it. IF wasAttributedTo(e2,ag1,aAttr) holds, THEN wasInfluencedBy(e2,ag1) also holds. The more specific subproperties of prov:wasDerivedFrom (i.e., prov:wasQuotedFrom, prov:wasRevisionOf, prov:hadPrimarySource) should be used when applicable.
wasDerivedFrom starting-point derivations A derivation is a transformation of an entity into another, an update of an entity resulting in a new one, or the construction of a new entity based on a pre-existing entity. hadDerivation Derivation is a particular case of trace (see http://www.w3.org/TR/prov-dm/#term-trace), since it links an entity to another entity that contributed to its existence. End is when an activity is deemed to have ended. An end may refer to an entity, known as trigger, that terminated the activity. wasEndedBy expanded entities-activities ended wasGeneratedBy starting-point entities-activities generated Because prov:wasInfluencedBy is a broad relation, its more specific subproperties (e.g. prov:wasInformedBy, prov:actedOnBehalfOf, prov:wasEndedBy, etc.) should be used when applicable. This property has multiple RDFS domains to suit multiple OWL Profiles. See PROV-O OWL Profile. wasInfluencedBy qualified agents-responsibility The sub-properties of prov:wasInfluencedBy can be elaborated in more detail using the Qualification Pattern. For example, the binary relation :baking prov:used :spoon can be qualified by asserting :baking prov:qualifiedUsage [ a prov:Usage; prov:entity :spoon; prov:atLocation :kitchen ] . Subproperties of prov:wasInfluencedBy may also be asserted directly without being qualified. prov:wasInfluencedBy should not be used without also using one of its subproperties. influenced influencee: an identifier (o2) for an entity, activity, or agent; http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-influence influencer: an identifier (o1) for an ancestor entity, activity, or agent that the former depends on; http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-influence An activity a2 is dependent on or informed by another activity a1, by way of some unspecified entity that is generated by a1 and used by a2.
wasInformedBy starting-point entities-activities informed wasInvalidatedBy expanded entities-activities invalidated An entity is derived from an original entity by copying, or 'quoting', some or all of it. wasQuotedFrom expanded derivations quotedAs Quotation is a particular case of derivation (see http://www.w3.org/TR/prov-dm/#term-quotation) in which an entity is derived from an original entity by copying, or "quoting", some or all of it. Revision is a derivation (see http://www.w3.org/TR/prov-dm/#term-Revision). Moreover, according to http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#term-Revision 23 April 2012 'wasRevisionOf is a strict sub-relation of wasDerivedFrom since two entities e2 and e1 may satisfy wasDerivedFrom(e2,e1) without being a variant of each other.' Start is when an activity is deemed to have started. A start may refer to an entity, known as trigger, that initiated the activity. wasStartedBy expanded entities-activities started The time at which an InstantaneousEvent occurred, in the form of xsd:dateTime. atTime qualified entities-activities The time at which an activity ended. See also prov:startedAtTime. endedAtTime starting-point entities-activities It is the intent that the property chain holds: (prov:qualifiedEnd o prov:atTime) rdfs:subPropertyOf prov:endedAtTime. The time at which an entity was completely created and is available for use. generatedAtTime expanded entities-activities It is the intent that the property chain holds: (prov:qualifiedGeneration o prov:atTime) rdfs:subPropertyOf prov:generatedAtTime. The time at which an entity was invalidated (i.e., no longer usable). invalidatedAtTime expanded entities-activities It is the intent that the property chain holds: (prov:qualifiedInvalidation o prov:atTime) rdfs:subPropertyOf prov:invalidatedAtTime. The time at which an activity started. See also prov:endedAtTime. 
startedAtTime starting-point entities-activities It is the intent that the property chain holds: (prov:qualifiedStart o prov:atTime) rdfs:subPropertyOf prov:startedAtTime. value expanded entities-activities Provides a value that is a direct representation of an entity. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-attribute-value This property serves the same purpose as rdf:value, but has been reintroduced to avoid some of the definitional ambiguity in the RDF specification (specifically, 'may be used in describing structured values'). The editor's definition comes from http://www.w3.org/TR/rdf-primer/#rdfvalue Is an activity that acquires consent. Acquire Consent Activity Is an activity that anonymises data. Anonymisation Activity Represents data that has been Anonymised at some level reflected by the hasAnonymityLevel object property AnonymisedData Is an entity where personal data has been anonymised to some extent. Anonymised Data Entity Provides a way to express the Anonymity Level of AnonymisedData objects through the object property hasAnonymityLevel AnonymityLevel Reflects the process(es) used to appoint processors Appoint Processor An activity that archives given/acquired consent for storage. Archive Consent Activity AutomatedStep ConsentAcquisitionStep deals with acquiring consent from the user. It uses Terms and Conditions along with the appropriate Consent Model as the basis of obtaining consent from the user. The output of this step is the consent object agreed upon by the user. Consent Acquisition Step Is an activity dealing with consent. Consent Activity ConsentAgreement reflects the consent provided by the user based on the provided Terms and Conditions and Consent Agreement Templates. It is the set of permissions the user has specifically provided or refused to provide. This consent is useful to provide justification of activities that use user data. ConsentAgreement This is a template for consent requested from the user. 
ConsentAgreementTemplate ConsentArchivalStep archives acquired consent to form a record of the consent given by the user. Consent Archival Step ConsentModificationStep deals with modifications to the consent by the user. It invalidates the previous consent object and produces a new updated consent object that represents the modified consent. Consent Modification Step A ConsentStep acts/interacts with/uses Consent Consent Step A ConsentWithdrawalProcess deals with the withdrawal of consent by the user and the corresponding activity carried out within the system Consent Withdrawal Process ConsentWithdrawalStep deals with withdrawal of consent Consent Withdrawal Step A ThirdPartyDataController is a Third Party entity that acts as a Data Controller Controller A Representative of the Controller Controller Representative Reflects cross-border transfer of data Cross-border Data Transfer Is an activity that transfers data across borders (as defined in the GDPR). Cross Border Transfer Activity The Data Protection Officer appointed to an organisation. Data Protection Officer (DPO) Represents class of data collected or generated through various activities Data A DataAccessProcess corresponds to the request made by a user for access to their data within the system. This process is responsible for handling the request process and providing the appropriate data to the end user. Data Access Process Is an activity involving data. Data Activity DataAnonymisationStep anonymises data by transforming it from one form to another along the anonymisation chain. Anonymisation can be represented as a spectrum going from raw user data to pseudo-anonymised data that can be de-anonymised by the same agent/organisation to pseudo-anonymous data that cannot be deanonymised internally, but may be done by external agents who have access to other data, and finally to completely anonymised data. Data Anonymisation Step Is an activity that archives data.
Archival is transformation of data into some form for storage. Data Archival Activity A DataArchivalProcess describes the process of data archival Data Archival Process DataArchivalStep archives data by transforming it and storing it Data Archival Step Is an activity dealing with data breach. Data Breach Activity A record of a data breach. Data Breach Record Step representing an action associated with data breach. Data Breach Step Is an activity that collects or acquires data. Data Collection Activity DataCollectionStep collects data from the user Data Collection Step DataDeanonymisationStep deanonymises data by transforming it from one form to another along the anonymisation chain. Data Deanonymisation Step Is an activity that deletes or erases data. Data Deletion Activity DataDeletionStep deletes data from within the system; The deletion is expressed as prov:invalidated over the dataset. Data Deletion Step Represents a data entity. Data Entity A DataErasureProcess is responsible for handling the data erasure of a data subject. Data Erasure Process A DataRectificationProcess describes the process of data rectification, which is the correction of data already present within the system Data Rectification Process Is an activity that shares data. Data Sharing Activity DataSharingStep shares data with another agent/organisation. These may be internal or external entities. Data Sharing Step A DataStep deals with data Data Step Is an activity that stores data. Data Storage Activity DataStorageStep stores data within the system Data Storage Step An individual or entity Data Subject DataTransferStep Is an activity that transforms data. Data Transformation Activity DataTransformationStep transforms data from one form into another. Data Transformation Step Is an activity that uses data. Can also be termed as 'Processing' of data. 
Data Usage Activity A DataUsageStep is a DataStep that uses existing data present within the system Data Usage Step Is an activity that deanonymises data. DeAnonymisation Activity Direct Marketing where the marketing is done directly to the data subject. Direct Marketing Represents the given consent by the data subject. Given Consent Is the template used to obtain the given consent. Given Consent Template A process that defines the actions that should be undertaken in event of a data breach HandleDataBreachProcess The process or series of steps that handle the right of data portability. Handle Right of Data Portability The process or series of steps that handle the right of erasure. Handle Right of Erasure The process or series of steps that handle the right to access personal data. Handle Right to access Personal Data The process or series of steps that handle the right to basic information about processing. Handle Right to basic information about Processing The process or series of steps that handle the right to not be processed automatically. Handle Right to not be evaluated through Automated Processing The process or series of steps that handle the right to object to direct marketing. Handle Right to Object to Direct Marketing The process or series of steps that handle the right to object to processing. Handle Right to Object to Processing The process or series of steps that handle the right to rectification of personal data. Handle Right to Rectification The process or series of steps that handle the right to restrict processing. Handle Right to restrict Processing The process or series of steps that handle the right to transparency. Handle Right to Transparency HandleSAR Impact Assessment for the organisation Represents the process or collection of steps representing the Impact Assessment. Impact Assessment A Joint Controller is where two or more controllers jointly determine the purposes and means of processing. 
Joint Controller(s) Marketing as a process or collection of steps. Marketing Is an activity that modifies given consent. Modify Consent Activity The process of monitoring compliance as mandated by the GDPR. Monitor Compliance Step that notifies the controller of data breach. Notify Controller Is an activity that notifies controller about data breach Notify Controller Activity Step that notifies the Data Protection Authorities of a data breach. Notify Data Protection Authority Is an activity that notifies data protection authorities about data breach Notify DPA Activity Step that notifies the data subject of data breach. Notify Data Subject Is an activity that notifies data subjects about data breach Notify Data Subject Activity PersonalData is any data pertaining to the user which can contain personally identifiable information or a data set generated by the system using personally identifiable information acquired through direct or indirect means PersonalData Represents a personal data entity. Personal Data Entity A Process describes a 'Plan' of action for carrying out a particular activity that uses or is related to Data or Consent Process A ThirdPartyDataProcessor is a Third Party entity that acts as a Data Processor Processor A representative of the Processor. Processor Representative A step that provides the data subject with a copy of their personal data. Provide copy of Personal Data Rectifies existing data Rectify Data Is an activity that rectifies data. Rectify Data Activity The process of reporting after a data breach has taken place. Report Data Breach Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
Sensitive Personal Data Is an entity containing sensitive personal information. Sensitive Data Entity A Processor appointed under or by another Processor is a Sub-Processor. Sub-Processor Terms and Conditions of usage as provided to the user in agreement of provided service TermsAndConditions Represents the Terms and Conditions entity. Terms and Conditions Entity A ThirdParty is any external entity associated with some internal activity ThirdParty A UserIdentifier is a specific way to identify the user through a unique ID or a combination of other attributes UserIdentifier Is an entity acting as the user identifier. Or contains an identifier. User Identifier Entity Is an activity that withdraws given consent. Can also term it so as to depict withdrawal as a modification of consent. Withdraw Consent Activity A p-plan:Activity represents the execution process planned in a p-plan:Step Activity Bundle A p-plan:Bundle is a specific type of prov:Bundle that contains the provenance assertions of the execution of a p-plan:Plan Entity A p-plan:Entity represents the input of the execution of a p-plan:Activity. It corresponds to a p-plan:Variable. MultiStep A multi step is the representation of a plan that appears as a step of another plan. Plan A p-plan:Plan is a specific type of prov:Plan. It is composed of smaller steps that use and produce Variables. Step A p-plan:Step represents the planned execution activity Variable A p-plan:Variable represents a description of the input of the planned Activity (p-plan:Step) Activity starting-point entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig An activity is something that occurs over a period of time and acts upon or with entities; it may include consuming, processing, transforming, modifying, relocating, using, or generating entities.
http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Activity http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Activity 0 ActivityInfluence provides additional descriptions of an Activity's binary influence upon any other kind of resource. Instances of ActivityInfluence use the prov:activity property to cite the influencing Activity. It is not recommended that the type ActivityInfluence be asserted without also asserting one of its more specific subclasses. ActivityInfluence qualified ActivityInfluence is the capacity of an activity to have an effect on the character, development, or behavior of another by means of generation, invalidation, communication, or other. Agent starting-point agents-responsibility An agent is something that bears some form of responsibility for an activity taking place, for the existence of an entity, or for another agent's activity. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-agent http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Agent AgentInfluence provides additional descriptions of an Agent's binary influence upon any other kind of resource. Instances of AgentInfluence use the prov:agent property to cite the influencing Agent. It is not recommended that the type AgentInfluence be asserted without also asserting one of its more specific subclasses. AgentInfluence qualified AgentInfluence is the capacity of an agent to have an effect on the character, development, or behavior of another by means of attribution, association, delegation, or other. An instance of prov:Association provides additional descriptions about the binary prov:wasAssociatedWith relation from an prov:Activity to some prov:Agent that had some responsibility for it. For example, :baking prov:wasAssociatedWith :baker; prov:qualifiedAssociation [ a prov:Association; prov:agent :baker; :foo :bar ]. 
Association qualified agents-responsibility An activity association is an assignment of responsibility to an agent for an activity, indicating that the agent had a role in the activity. It further allows for a plan to be specified, which is the plan intended by the agent to achieve some goals in the context of this activity. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Association http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Association An instance of prov:Attribution provides additional descriptions about the binary prov:wasAttributedTo relation from an prov:Entity to some prov:Agent that had some responsibility for it. For example, :cake prov:wasAttributedTo :baker; prov:qualifiedAttribution [ a prov:Attribution; prov:agent :baker; :foo :bar ]. Attribution qualified agents-responsibility http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig Attribution is the ascribing of an entity to an agent. When an entity e is attributed to agent ag, entity e was generated by some unspecified activity that in turn was associated to agent ag. Thus, this relation is useful when the activity is not known, or irrelevant. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-attribution http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-attribution Note that there are kinds of bundles (e.g. handwritten letters, audio recordings, etc.) that are not expressed in PROV-O, but can still be described by PROV-O. Bundle expanded A bundle is a named set of provenance descriptions, and is itself an Entity, so allowing provenance of provenance to be expressed. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-bundle-entity http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-bundle-declaration Collection expanded collections A collection is an entity that provides a structure to some constituents, which are themselves entities. These constituents are said to be members of the collection. 
http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-collection An instance of prov:Communication provides additional descriptions about the binary prov:wasInformedBy relation from an informed prov:Activity to the prov:Activity that informed it. For example, :you_jumping_off_bridge prov:wasInformedBy :everyone_else_jumping_off_bridge; prov:qualifiedCommunication [ a prov:Communication; prov:activity :everyone_else_jumping_off_bridge; :foo :bar ]. Communication qualified entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig Communication is the exchange of an entity by two activities, one activity using the entity generated by the other. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Communication http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-wasInformedBy An instance of prov:Delegation provides additional descriptions about the binary prov:actedOnBehalfOf relation from a performing prov:Agent to some prov:Agent for whom it was performed. For example, :mixing prov:wasAssociatedWith :toddler . :toddler prov:actedOnBehalfOf :mother; prov:qualifiedDelegation [ a prov:Delegation; prov:agent :mother; :foo :bar ]. Delegation qualified agents-responsibility Delegation is the assignment of authority and responsibility to an agent (by itself or by another agent) to carry out a specific activity as a delegate or representative, while the agent it acts on behalf of retains some responsibility for the outcome of the delegated work. For example, a student acted on behalf of his supervisor, who acted on behalf of the department chair, who acted on behalf of the university; all those agents are responsible in some way for the activity that took place but we do not say explicitly who bears responsibility and to what degree. 
http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-delegation http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-delegation An instance of prov:Derivation provides additional descriptions about the binary prov:wasDerivedFrom relation from some derived prov:Entity to another prov:Entity from which it was derived. For example, :chewed_bubble_gum prov:wasDerivedFrom :unwrapped_bubble_gum; prov:qualifiedDerivation [ a prov:Derivation; prov:entity :unwrapped_bubble_gum; :foo :bar ]. The more specific forms of prov:Derivation (i.e., prov:Revision, prov:Quotation, prov:PrimarySource) should be asserted if they apply. Derivation qualified derivations http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig A derivation is a transformation of an entity into another, an update of an entity resulting in a new one, or the construction of a new entity based on a pre-existing entity. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Derivation http://www.w3.org/TR/2013/REC-prov-n-20130430/#Derivation-Relation An instance of prov:End provides additional descriptions about the binary prov:wasEndedBy relation from some ended prov:Activity to an prov:Entity that ended it. For example, :ball_game prov:wasEndedBy :buzzer; prov:qualifiedEnd [ a prov:End; prov:entity :buzzer; :foo :bar; prov:atTime '2012-03-09T08:05:08-05:00'^^xsd:dateTime ]. End qualified entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig End is when an activity is deemed to have been ended by an entity, known as trigger. The activity no longer exists after its end. Any usage, generation, or invalidation involving an activity precedes the activity's end. An end may refer to a trigger entity that terminated the activity, or to an activity, known as ender that generated the trigger. 
http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-End http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-End Entity starting-point entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig An entity is a physical, digital, conceptual, or other kind of thing with some fixed aspects; entities may be real or imaginary. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-entity http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Entity EntityInfluence provides additional descriptions of an Entity's binary influence upon any other kind of resource. Instances of EntityInfluence use the prov:entity property to cite the influencing Entity. It is not recommended that the type EntityInfluence be asserted without also asserting one of its more specific subclasses. EntityInfluence qualified EntityInfluence is the capacity of an entity to have an effect on the character, development, or behavior of another by means of usage, start, end, derivation, or other. An instance of prov:Generation provides additional descriptions about the binary prov:wasGeneratedBy relation from a generated prov:Entity to the prov:Activity that generated it. For example, :cake prov:wasGeneratedBy :baking; prov:qualifiedGeneration [ a prov:Generation; prov:activity :baking; :foo :bar ]. Generation qualified entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig Generation is the completion of production of a new entity by an activity. This entity did not exist before generation and becomes available for usage after this generation. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Generation http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Generation An instance of prov:Influence provides additional descriptions about the binary prov:wasInfluencedBy relation from some influenced Activity, Entity, or Agent to the influencing Activity, Entity, or Agent. 
For example, :stomach_ache prov:wasInfluencedBy :spoon; prov:qualifiedInfluence [ a prov:Influence; prov:entity :spoon; :foo :bar ] . Because prov:Influence is a broad relation, the more specific relations (Communication, Delegation, End, etc.) should be used when applicable. Because prov:Influence is a broad relation, its most specific subclasses (e.g. prov:Communication, prov:Delegation, prov:End, prov:Revision, etc.) should be used when applicable. Influence qualified derivations Influence is the capacity of an entity, activity, or agent to have an effect on the character, development, or behavior of another by means of usage, start, end, generation, invalidation, communication, derivation, attribution, association, or delegation. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-influence http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-influence An instantaneous event, or event for short, happens in the world and marks a change in the world, in its activities and in its entities. The term 'event' is commonly used in process algebra with a similar meaning. Events represent communications or interactions; they are assumed to be atomic and instantaneous. InstantaneousEvent qualified entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#dfn-event The PROV data model is implicitly based on a notion of instantaneous events (or just events), that mark transitions in the world. Events include generation, usage, or invalidation of entities, as well as starting or ending of activities. This notion of event is not first-class in the data model, but it is useful for explaining its other concepts and its semantics. An instance of prov:Invalidation provides additional descriptions about the binary prov:wasInvalidatedBy relation from an invalidated prov:Entity to the prov:Activity that invalidated it. 
For example, :uncracked_egg prov:wasInvalidatedBy :baking; prov:qualifiedInvalidation [ a prov:Invalidation; prov:activity :baking; :foo :bar ]. Invalidation qualified entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig Invalidation is the start of the destruction, cessation, or expiry of an existing entity by an activity. The entity is no longer available for use (or further invalidation) after invalidation. Any generation or usage of an entity precedes its invalidation. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Invalidation http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Invalidation Location expanded A location can be an identifiable geographic place (ISO 19112), but it can also be a non-geographic place such as a directory, row, or column. As such, there are numerous ways in which location can be expressed, such as by a coordinate, address, landmark, and so forth. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-attribute-location http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-attribute Organization expanded agents-responsibility An organization is a social or legal institution such as a company, society, etc. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-agent http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-types Person expanded agents-responsibility Person agents are people. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-agent http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-types There exists no prescriptive requirement on the nature of plans, their representation, the actions or steps they consist of, or their intended goals. Since plans may evolve over time, it may become necessary to track their provenance, so plans themselves are entities. 
Representing the plan explicitly in the provenance can be useful for various tasks: for example, to validate the execution as represented in the provenance record, to manage expectation failures, or to provide explanations. Plan expanded qualified agents-responsibility A plan is an entity that represents a set of actions or steps intended by one or more agents to achieve some goals. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Association http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Association An instance of prov:PrimarySource provides additional descriptions about the binary prov:hadPrimarySource relation from some secondary prov:Entity to an earlier, primary prov:Entity. For example, :blog prov:hadPrimarySource :newsArticle; prov:qualifiedPrimarySource [ a prov:PrimarySource; prov:entity :newsArticle; :foo :bar ] . PrimarySource qualified derivations A primary source for a topic refers to something produced by some agent with direct experience and knowledge about the topic, at the time of the topic's study, without benefit from hindsight. Because of the directness of primary sources, they 'speak for themselves' in ways that cannot be captured through the filter of secondary sources. As such, it is important for secondary sources to reference those primary sources from which they were derived, so that their reliability can be investigated. A primary source relation is a particular case of derivation of secondary materials from their primary sources. It is recognized that the determination of primary sources can be up to interpretation, and should be done according to conventions accepted within the application's domain. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-primary-source http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-original-source An instance of prov:Quotation provides additional descriptions about the binary prov:wasQuotedFrom relation from some taken prov:Entity from an earlier, larger prov:Entity. 
For example, :here_is_looking_at_you_kid prov:wasQuotedFrom :casablanca_script; prov:qualifiedQuotation [ a prov:Quotation; prov:entity :casablanca_script; :foo :bar ]. Quotation qualified derivations A quotation is the repeat of (some or all of) an entity, such as text or image, by someone who may or may not be its original author. Quotation is a particular case of derivation. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-quotation http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-quotation An instance of prov:Revision provides additional descriptions about the binary prov:wasRevisionOf relation from some newer prov:Entity to an earlier prov:Entity. For example, :draft_2 prov:wasRevisionOf :draft_1; prov:qualifiedRevision [ a prov:Revision; prov:entity :draft_1; :foo :bar ]. Revision qualified derivations A revision is a derivation for which the resulting entity is a revised version of some original. The implication here is that the resulting entity contains substantial content from the original. Revision is a particular case of derivation. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-revision http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Revision Role qualified agents-responsibility A role is the function of an entity or agent with respect to an activity, in the context of a usage, generation, invalidation, association, start, and end. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-attribute-role http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-attribute SoftwareAgent expanded agents-responsibility A software agent is running software. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-agent http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-types An instance of prov:Start provides additional descriptions about the binary prov:wasStartedBy relation from some started prov:Activity to an prov:Entity that started it. 
For example, :foot_race prov:wasStartedBy :bang; prov:qualifiedStart [ a prov:Start; prov:entity :bang; :foo :bar; prov:atTime '2012-03-09T08:05:08-05:00'^^xsd:dateTime ] . Start qualified entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig Start is when an activity is deemed to have been started by an entity, known as trigger. The activity did not exist before its start. Any usage, generation, or invalidation involving an activity follows the activity's start. A start may refer to a trigger entity that set off the activity, or to an activity, known as starter, that generated the trigger. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Start http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Start An instance of prov:Usage provides additional descriptions about the binary prov:used relation from some prov:Activity to an prov:Entity that it used. For example, :keynote prov:used :podium; prov:qualifiedUsage [ a prov:Usage; prov:entity :podium; :foo :bar ]. Usage qualified entities-activities http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig Usage is the beginning of utilizing an entity by an activity. Before usage, the activity had not begun to utilize this entity and could not have been affected by the entity. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-Usage http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-Usage Anonymised represents the Anonymisation level where the data cannot be de-anonymised to retrieve personally identifiable information. Anonymised DeAnonymised represents the Anonymisation level where the data is completely de-anonymised and contains directly accessible personally identifiable information. 
DeAnonymised PseudoAnonymised represents the Anonymisation level where the data is anonymised but cannot be de-anonymised without additional data which is NOT accessible to the data-holding organisation to retrieve personally identifiable information. PseudoAnonymised PseudoOrganisationalAnonymised represents the Anonymisation level where the data is anonymised but cannot be de-anonymised without additional data which is accessible to the data-holding organisation to recreate the de-anonymised information. PseudoOrganisationalOrganised EmptyCollection expanded collections An empty collection is a collection without members. specializationOf expanded alternate http://www.w3.org/TR/2013/REC-prov-constraints-20130430/#prov-dm-constraints-fig An entity that is a specialization of another shares all aspects of the latter, and additionally presents more specific aspects of the same thing as the latter. In particular, the lifetime of the entity being specialized contains that of any specialization. Examples of aspects include a time period, an abstraction, and a context associated with the entity. http://www.w3.org/TR/2013/REC-prov-dm-20130430/#term-specialization generalizationOf http://www.w3.org/TR/2013/REC-prov-n-20130430/#expression-specialization A revision is a derivation that revises an entity into a revised version. wasRevisionOf expanded derivations hadRevision