> Maybe this would include the reason they banned the account
It might not unless the definition is really stretched. It's not data collected about you. Otherwise every email some employee sends discussing this situation would also need to be included.
>It might not unless the definition is really stretched. It's not data collected about you.
It's quite obviously personal data within the definitions used in GDPR. It's information that can be related to a natural person; those two criteria are the only criteria that must be satisfied for data to be regulated under the GDPR.
>Otherwise every email some employee sends discussing this situation would also need to be included.
Yep. If the contents of those emails can be related to a natural living person by any identifier (name, username, email address, account number etc) then it's personal data.
Its identifiable, yes, but not personal. Otherwise, all free-form text entry would have to be processed prior to a GDPR request, which is not likely.
Take Facebook as an example, when you request your personal data, they present what is linked in their database to you, which is of course not where anyone mentions your name. Who is to say that my name (Paul Smith) identifies me and not some other Paul?
Actually, when someone is identifiable with a couple of pieces of data, that becomes personal data. For example, if you would be the only Paul Smith on earth, we would consider that personal data. If you are the only Paul Smith in the US and the context reveals that we are talking about someone in the US, those 2 pieces together are personal data (and so on).
That is what they mean with "indirect identification" in the link provided by jdietrich.
It might not unless the definition is really stretched. It's not data collected about you. Otherwise every email some employee sends discussing this situation would also need to be included.