Highly personal data has no legal definition. It is complementary to the special categories of sensitive data referred to in Article 9 as well as personal data relating to criminal convictions or offences referred to in Article 10 of the GDPR. They are referred to in the guidelines of the European Data Protection Board (EDPB) about Privacy Impact Assessment (PIA/DPIA).
In addition to the data covered by these provisions of the GDPR, certain categories of data may be considered as increasing the possible risk to the rights and freedoms of individuals. This personal data is considered sensitive insofar as it relates to domestic and private activities whose confidentiality must be protected. This data has an impact on the exercise of a fundamental right or because its violation would clearly have a serious impact on the daily life of the person concerned.
For example, a person's bank details are highly personal data. Its compromise would have a major impact on the individual (loss of money).