> When organisations seek to protect their user’s data, it is necessary that they understand the data they need to safeguard. Personal data, in the context of GDPR, covers a much wider range of information than personally identifiable information (PII), commonly used in North America. In other words, while all PII is considered personal data, not all personal data is PII.
When you say PII in context of GDPR you are simply using wrong term.
IANAL, and wrote PII because it's personal non-legally binding communication, and there is nothing wrong with using any terms that are familiar to both sides.
You can read it as both PII and personal data, and it doesn't change the fact that this data sharing is out of scope of the company Privacy Terms.
https://techgdpr.com/blog/difference-between-pii-and-persona...
> When organisations seek to protect their user’s data, it is necessary that they understand the data they need to safeguard. Personal data, in the context of GDPR, covers a much wider range of information than personally identifiable information (PII), commonly used in North America. In other words, while all PII is considered personal data, not all personal data is PII.
When you say PII in context of GDPR you are simply using wrong term.