Practical guide · GDPR
Pseudonymisation vs. anonymisation: key GDPR differences
Pseudonymisation and anonymisation are often used as synonyms — they aren't. Confusing them is one of the most frequent causes of GDPR fines, because one is still personal data and the other isn't. This guide clarifies the difference, with examples and criteria to choose.
Definitions under the GDPR
GDPR Art. 4(5) defines pseudonymisation as processing personal data so that it can no longer be attributed to a data subject without additional information, provided that this information is kept separately and subject to technical and organisational measures. The data is still personal.
Anonymisation is not in the articles but in Recital 26: if the data no longer allows the person to be identified, even by cross-referencing other sources, it falls outside the GDPR.
The practical difference
- Pseudonymisation: reversible with the key. Still under the GDPR. Requires a lawful basis, records of processing and a DPIA where applicable.
- Anonymisation: irreversible. Outside the GDPR. Can be published as open data without restrictions.
Clear examples
Replacing an ID number with a code
Pseudonymisation. The lookup table can recover the original.
Encrypting the name with a key held by the DPO
Still pseudonymisation. The key allows reversal.
Removing names, IDs and addresses from a dataset
Can be anonymisation, but only if no combination of quasi-identifiers remains that can re-identify. Postcode + date of birth + sex identifies over 80 % of the population: not anonymous.
When to use each
Use pseudonymisation when…
- You need to keep linking records to the same individual (clinical research, banking).
- You must be able to reverse for audits or data subject requests.
- You share data with a processor while keeping control of the key.
Use anonymisation when…
- You publish open data, rulings, minutes or statistics.
- You train AI models on data that should not identify anyone.
- You share data with third parties without a lawful basis to treat it as personal.
Common mistakes
- Labelling a dataset as anonymised while the combination of fields identifies the individual.
- Storing the reversal table in the same system as the pseudonymised data.
- Presenting pseudonymisation as an excuse to skip GDPR obligations.
- Anonymising the text of a PDF without stripping metadata.
How anonimIA approaches it
anonimIA automates real anonymisation: it removes personal information from the document content, keeps a log of what was suppressed and stores no reversal table, so the result stops being personal data.
Conclusion
The rule is simple: if the original can be recovered with reasonable effort, it's pseudonymisation and still under the GDPR; otherwise, it's anonymisation and falls outside. Pick based on the use case, document the process and assess re-identification risk against today's data sources.
Do you anonymise documents daily?
Stop redacting by hand. Automate it with anonimIA.
Upload your PDFs and get GDPR-compliant anonymised documents in seconds.
Try it free