Anonymized data is not subject to the provisions of the GDPR. In principle, they can be freely processed without the consent of a person or the need for a specific legal basis.
Contrary to what the word suggests, anonymization does not already exist when names are no longer mentioned. Rather, according to the legislator’s conception, anonymized data should not have any reference to a person, nor should it be possible to establish such a reference.
Data is pseudonymized if it can no longer be assigned to a specific person without additional information. This can be achieved, for example, by replacing the name of the person concerned with an identifier (like an ID-Number).
Aggregated data is data that has been combined from various individuals, thus creating a “data group”. These, too, can no longer be traced back to a specific person, but are thus not necessarily anonymized.
The transition between regular, pseudonymous and anonymous (personal) data is fluid in places. If you are unsure about this, please feel free to contact the data protection officer.