Lawfulness
The principle of lawfulness of data processing implies that data processing must be lawful, adequate and transparent. The conditions for lawful processing of personal data are laid down in the GDPR. The principle of lawful processing mainly concerns the relationship between the controller and the data subject, and it stresses the importance of carrying out the processing of personal data in an ethically correct manner.
Purpose limitation
The purpose limitation principle implies that any processing of personal data must be carried out for a specific, clearly defined purpose. Personal data can only be processed for a purpose that is compatible with the originally defined purpose. It is important that the purpose of the data processing is determined before this data processing actually starts.
Data minimisation
The principle of data minimisation implies that the processing of personal data must be limited to what is necessary to achieve the legitimate purpose established.
Storage restriction
The principle of storage restriction means that personal data should not be kept longer than necessary. This means that, if the personal data are no longer necessary for the fulfilment of the recorded purpose of the data processing, they must be deleted or made anonymous so that they cannot in any case be traced back to a specific person.
Accuracy
The principle of accuracy implies that the controller is obliged to ensure that the data of the data subject are accurate and up to date. The controller should not use the information without reasonable assurance that the personal data are accurate and up to date.
Integrity and confidentiality
The principle of integrity and confidentiality implies that the processor or controller is obliged to take appropriate measures to ensure that personal data are secure and cannot be used, accessed or modified without authorisation. These may include, for example, technical or organisational measures that are put in place to secure the personal data. There is also an obligation to test the reliability of the security in advance. Appropriate security measures will depend on the specific situation and type of personal data. This may include, for example, the pseudonymisation and encryption of personal data and regular testing of the functioning of the measures.
Accountability obligation
The principle of accountability applies to the controller, but processors are also expected to comply with this obligation. The principle of accountability obliges them to be able to demonstrate compliance with the principles discussed above. The essence of accountability is to put in place measures to ensure that the principles of data processing are complied with, and for the controller (or processor) to have documentation showing that these measures have been taken to ensure compliance with the principles of processing personal data.