Principles of the Data Protection Act

Principles of the Data Protection Act

The Data Protection Act is built on eight principles:

1. Personal data must be fairly and lawfully processed;
2. Personal data must be processed for limited purposes;
3. Personal data must be adequate, relevant and not excessive;
4. Personal data must be accurate;
5. Personal data must not be kept longer than necessary;
6. Personal data must be processed in accordance with the data subject's rights;
7. Personal data must be secure;
8. Personal data must not be transferred to countries without adequate protection