The GDPR is heavily influenced by these 6 privacy principles. To make GDPR compliance as easy and intuitive as possible, you should familiarize yourself with these principles and apply them to your daily business practices.
Read more here: https://www.termsfeed.com/blog/gdpr-privacy-principles/
2. The GDPR’s rules are influenced by
6 privacy principles.
If you know, understand and uphold
these principles, your business will
be more likely to operate in a
GDPR-compliant way.
3. Lawfulness, Fairness and Transparency
Purpose Limitation
Data Minimization
Accuracy of Data
Data Storage Limitation
Integrity and Confidentiality
1.
2.
3.
4.
5.
6.
You can find the 6 principles outlined in Article 5 of the GDPR:
6. Lawfulness
You must only process personal data under one of the 6 lawful bases (1)
set out in Article 6 of the GDPR:
Consent
Contract
Legal obligation
Vital interests
Public task
Legitimate interests
1.
2.
3.
4.
5.
6.
(1) Link to: https://www.termsfeed.com/blog/gdpr-lawful-basis-processing/
7. Make note in your Privacy Policy of what lawful bases you rely on.
9. How noticeable are your legal agreement links?
Transparency
Be clear, open and honest about your data processing practices.
You can achieve this by having an informative Privacy Policy that
includes important information such as:
What personal data you collect, and why
How you process it and whether you share it with others
How users can contact you with questions
10. Where are your legal agreement links placed?
3
Purpose Limitation
11. Only use personal data for the purposes you request it for.
Never use personal data in a way a user wouldn’t expect or
hasn’t agreed to.
Be clear about your purposes in your Privacy Policy.
14. You should aim to collect the minimum amount of personal
data necessary for your intended purpose.
If you don’t need a specific piece of data to fulfill the purpose,
don’t collect it.
16. You must take reasonable steps to make sure that the
personal data you collect and keep is accurate.
Facilitate the user’s right to rectify personal data with any
updates or changes by adding a relevant clause to your
Privacy Policy:
18. You must only keep personal data for as long as it’s necessary
to keep for your intended purposes.
Note this in your Privacy Policy so your users know that you
practice data storage limitations, and what they can expect.
20. You must take steps to keep personal data safe and secure.
You must also be familiar with requirements for how to handle
a data breach (2).
Add a security clause to your Privacy Policy that lets users
know you take security seriously.
(2) Link to: https://www.termsfeed.com/blog/business-data-breaches/
21.
22. An important part of your GDPR compliance plan is to become
familiar with these 6 privacy principles and implement them
into your business.
Remember to update your Privacy Policy to reflect the
principles.