Principles of Data Protection

  1. Process it lawfully, fairly, and in a transparent manner;
  2. Collect it only for one or more speciļ¬ed, explicit and legitimate purposes, and do not otherwise use it in a way that is incompatible with those purposes;
  3. Ensure it is adequate, relevant and limited to what is necessary for the purpose it is processed;
  4. Keep it accurate and up-to-date and erase or rectify any inaccurate data without delay;
  5. Where it is kept in a way that allows you to identify who the data is about, retain it for no longer than is necessary;
  6. Keep it secure by using appropriate technical and/or organisational security measures;
  7. Be able to demonstrate your compliance with the above principles; and
  8. Respond to requests by individuals seeking to exercise their data protection rights (for example the right of access).