ProvePrivacy Logo | Blue Green

Back to home


Data Protection Principles

Principles | ProvePrivacy | Article Image 37

The principles relating to the processing of personal data are laid out within the data protection legislation and they form the backbone of the requirements for any organisation processing personal data.  Failure to implement the principles throughout the organisation is deemed to be a significant breach of the regulation and could attract the highest level of fines from the supervisory authority.

The principles are summarised here as:

  • Personal data shall be processed lawfully, fairly and in a transparent manner
  • Personal data shall be collected for specific, explicit and legitimate purposes (purpose limitation)
  • Personal data shall be adequate, relevant and limited to the what is necessary in relation to the purpose of the processing (minimisation)
  • Personal data shall be accurate and, where necessary kept up to date (accuracy)
  • Personal data shall be kept in a form which permits identification of the data subject for no longer than is necessary (storage limitation)
  • Personal data shall be processed in a manner that ensures the appropriate security of the personal data (security)

In addition to the above, the data controller shall be responsible for, and be able to demonstrate that it is in compliance with the above principles (accountability).

You might also like

Scroll to Top

Contact us

If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.

See our Privacy Statement for more details.

Get expert tips and business insights