While the United Nations confirmed in numerous resolutions that privacy is and remains a human right in the digital age, our daily experience in the use of digital devices combined with the seemingly ever-increasing production of personal data suggests that it is difficult to understand this fluid concept of privacy. The largely successful implementation of the European Union’s General Data Protection Regulation (GDPR) suggests that a culture change towards a more data protection aware society is occurring. At the same time, the question remains whether and how concepts developed in the 1970s can address the complex reality of the 21st century. In this submission, we take a look at several existing concepts that address the division of private and public space, and discuss how these definitions affect the figuration of person(s) in and out of data. We contrast the concept of data subject whose data is being “protected” (the basis of the GDPR) with other approaches, including the German concept of informational self-determination, or the South American “habeas data” doctrine. We explore the tensions between considering the different societal and cultural traditions from which these concepts arise, the conceptualisation of privacy as a universal right, the (seemingly?) global nature of digital platforms, and the perennial vision of the digital as a universal space of data. These considerations lead us to reflect on the mutual adjustments that are ongoing: as we move in/out of data and as the digital becomes an inherent part of our identity, we both change our understanding of person to be able to effectively address privacy, and adjust our concept of privacy to address the concept of personhood.