Data principles

Question 1

What principles follow from Article 5?

Answer 1

Data quality

• Lawfulness, fairness and transparency
• Purpose limitation
• Data minimisation
• Data accuracy
• Storage limitation
• Integrity and confidentiality
• Accountability for the controller

Question 2

What does the principle of “purpose limitation” entail?

Answer 2

Data must be collected for specified, explicit and legitimate purposes.

Data must not be processed for further purposes that are incompatible with the initial one
- Processing for archiving purposes in the public interest, scientific, historical, statistical is not considered to be incompatible

Question 3

What does the principle of “data minimisation” entail?

Answer 3

Data must be

Question 4

What does the principle of “data minimisation” entail?

Answer 4

Data must be adequate, relevant and limited to what is necessary

Question 5

What does the principle of “data accuracy” entail?

Answer 5

Data must be accurate, kept up to date - inaccurate data shall be erased or rectified without delay

Question 6

What does the principle of “storage limitation” entail?

Answer 6

Data must be kept in a form allowing identification of data subjects for no longer than necessary for the purposes of processing.

Data can be kept for longer if for archiving purposes in the public interest, scientific, historical or statistical purposes, when subject to proper safeguards

Question 7

What does the principle of “integrity and confidentiality” entail?

Answer 7

Processing must ensure appropriate security - appropriate technical or organisational measures - to protect against unauthorised or unlawful processing, accidental loss, destruction or damage.

Question 8

What does the principle of “accountability” entail?

Answer 8

The controller must not only be responsible for compliance but must also be able to demonstrate his compliance with GDPR.