GDPR principles explained

Understanding GDPR

Shalini Kurapati, CIPP/E

Co-founder, Clearbox AI

What are they?

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy: Data quality
  • Storage limitation
  • Integrity and confidentiality
  • Accountability
1 Article 5 of GDPR
Understanding GDPR

Lawfulness, fairness, and transparency

Picture featuring balance scales, with a gavel in the background.

  • Lawfulness - one of six legal bases
  • Fairness - reasonable expectations
  • Transparency - about the use
  • Data subject rights - focus on fairness and transparency
Understanding GDPR

Purpose limitation

Illustration of a dart hitting the target which represents a purpose. The dart board is surrounded by data related elements like documents and graphs.

  • Specific purpose - reuse compatible with original purpose
  • Example: Doctor and his travel agent wife
    • Doctor has patient data for treatment purposes, shares it with wife
    • Wife sends "get well" travel package promos - not compatible
1 ARTICLE 29 DATA PROTECTION WORKING PARTY Opinion 03/2013 on purpose limitation
Understanding GDPR

Data minimization

A person swiping a scale of a histogram from minimum to maximum.

  • Adequate, relevant, limited - collection/processing
  • Not excessive,no just-in-case, right amount for your purpose
Understanding GDPR

Accuracy

A hand holding a pencil and drawing a line on a paper using a ruler to represent precision and accuracy.

  • Accurate
  • Should not be incorrect or misleading
  • Keep it up-to-date
  • Example: Regular checks on accuracy of client addresses
Understanding GDPR

Storage limitation

Photo shows an archive with shelves filled with records and boxes representing file storage.

  • Data retention limit
  • Exceptions for research and statistics
Understanding GDPR

Integrity and confidentiality

Picture of a laptop with a screen showing a lock inside the stars of the EU flag with a blue background.

  • Security principle
  • Adequate measures for data safety/security
Understanding GDPR

Accountability

  • Controller responsible for:
    • implement principles
    • demonstrate compliance
  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy: Data quality
  • Storage limitation
  • Integrity and confidentiality
Understanding GDPR

Let's practice!

Understanding GDPR

Preparing Video For Download...