What is the GDPR's philosophy?
The GDPR has 5 principles that are essential to understanding its privacy and security approach:
- Transparency: Any company that manages personal data must inform users about how their information will be processed in compliance with the regulation
- Limited use: Data can only be used for the purposes notified to clients, employees, suppliers, etc.
- Data minimisation. The minimum data required will be requested with the aim of processing your data appropriately (e.g. it would not be appropriate if a company asks about your hobbies or profession when buying a household appliance)
- Data quality. The few data on the system must be accurate and up to date. The company must ensure the data's quality, because if it is not, the company may make wrong decisions that can have a negative impact on you.
- Information Security. Companies that manage data must guarantee a suitable level of security that includes protection against their illegal or unauthorised processing, as well as against their loss, destruction or accidental damage.