🗂️ GDPR

General Data Protection Regulation

Principles:

Lawfulness, fairness and transparency

Organisations need to make sure their data collection practices don’t break the law and that they aren't hiding anything from data subjects.

Purpose limitation

Organisations should only collect personal data for specific purpose and clearly state what that purpose is and only collect data for as long as necessary.

Data minimisation

Organisations must only process the personal data that they need to achieve its processing purpose.

Accuracy

The accuracy of personal data is integral to data protection. The GDPR states that "every reasonable step must be taken" to erase or rectify data that is inaccurate or incomplete.

Storage limitation

Organisations need to delete personal data when it's no longer necessary.

Integrity and confidentiality

The data must be processed in a manner that ensures appropriate security of the personal data.

The UK data protection act refers to the domestic implementation of the EU GDPR.

Principles:​

Lawfulness, fairness and transparency​

Purpose limitation​

Data minimisation​

Accuracy​

Storage limitation​

Integrity and confidentiality​

Differences between GDPR UK and GDPR EU​

Contents