Skip to main content

๐Ÿ—‚๏ธ GDPR

General Data Protection Regulation

Principles#

Lawfulness, fairness and transparency#

Organisations need to make sure their data collection practices donโ€™t break the law and that they aren't hiding anything from data subjects

Purpose limitation#

Organisations should only collect personal data for specific purpose and clearly state what that purpose is and only collect data for as long as necessary.

Data minimisation#

Organisations must only process the personal data that they need to achieve its processing purpose

Accuracy#

The accuracy of personal data is integral to data protection. The GDPR states that "every reasonable step must be taken" to erase or rectify data that is inaccurate or incomplete.

Storage limitation#

Organisations need to delete personal data when it's no longer necessary.

Integrity and confidentiality#

The data must be processed in a manner that ensures appropriate security of the personal data

Differences between GDPR UK and GDPR EU#

The UK data protection act refers to the domestic implementation of the EU GDPR.