Under the EU’s Global Data Protection Regulation (GDPR), a data subject is an identifiable natural person.
A living, real person. Not a legal person (e.g., corporation, partnership, or other legal entity). Not a deceased person.
A person can be identifiable if information the controller has, combined with other information, whether in the controller’s possession or not, will distinguish the person from others.
If you are studying for your certification, Data Subject is mentioned under Section II, A, 7 of the Body of Knowledge:
European Privacy Certification. Outline of the Body of Knowledge for the Certified Information Privacy Professional/Europe (CIPP/E™):
II. European Data Protection Law and Regulation
A. Data Protection Concepts
7. Data subject