Basic principles

The principles relating to processing of personal data are the cornerstone of the obligations and rights foreseen by the GDPR. These principles are lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality. Controllers are guided by these principles when processing personal data and, in line with the principle of accountability, must be able to demonstrate compliance with them.