Data Minimisation in GDPR

When it comes to storing processed data, the GDPR sets out some principles. Most importantly that data must stored for the shortest possible time and no longer than necessary. Legal obligations on how long that data can be stored must be taken into consideration. Storing the data for extended periods is only allowed for archival … Continued

Processing Sensitive Data

When processing sensitive data is desired, the confidentiality, integrity and availability of that data must be maintained at all times. Before collecting the data, there has to be a specified purpose for processing it within an agreed amount of time. Undefined purposes are not acceptable. Processing the data is limited only to the specified purpose … Continued