GDPR Principles
The way you handle personal information must follow these 7 principles:
Transparency
Personal data must be processed in a lawful and transparent manner, ensuring fairness towards the individuals whose personal data you are processing.
1 1Purpose Limitation
You must have specific reasons for processing the data and you must highlight those purposes to individuals when collecting their personal data. The act of simply collecting data for no purpose is no longer permitted.
2 2Data Minimisation
You must only collect data related to fulfilling your specific reasons.
3 3Accuracy
You must ensure the accuracy of the data, and directly relate that to your specific reasons.
4 4Storage Limitation
The collected data should be stored for not longer than necessary to fulfil the purposes for which it was collected.
5 5Integrity and Confidentiality
Appropriate technical and organisational safeguards must be in place to ensure the security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, damage or destruction.
6 6Accountability
All organisations who process personal data must demonstrate compliance with each of the above Principles.
7 7ABC Limited has been audited to see how compliant it is with GDPR regulations. Below are a few of the steps the company has been advised to take. Which of the GDPR principles do these steps meet?
After gathering all information about the data that ABC holds and having prepared a data map, the organisation will have to undertake the formal process of confirming, documenting and filing the legal basis on which they collect personal data.
Select the two principles that apply