EDPB guidance · surfaced resource

Guidelines 01/2025 on Pseudonymisation

EDPBGuidelines (draft)

The EDPB's guidance on the legal definition of pseudonymisation under the GDPR, its benefits, and when organisations are expected to use it — covering how it supports the Article 5 principles, Article 25 data protection by design and Article 32 security, with an annex of ten worked examples (three on medical data). At the time of writing the guidelines remain in draft following public consultation.

Published by: European Data Protection Board (EDPB)
Type: Guidelines 01/2025
Status: Draft adopted for public consultation, 16 January 2025; final pending — confirm before relying on it
Jurisdiction: EU / EEA — GDPR
Topic tags: Pseudonymisation · security (Art. 32) · data protection by design (Art. 25) · research

Why it matters

It turns “pseudonymisation” from a vague label into an operational technique, with worked examples you can map onto real processing — directly useful for DPIAs, security-measure design and research data flows.

Go to source ↗← Back to Guidance Watch

A Weekly Guidance Watch resource entry, curated by VulaPri. We summarise and link to the original; we do not reproduce or host it. Suggest a correction.