Principles of the Data Protection Act

The Data Protection Act is built on eight Principles:

1. Data to be fairly and lawfully processed;
2. Data to be processed for limited purposes;
3. Data to be adequate, relevant and not excessive;
4. Data to be accurate;
5. Data not to be kept longer than necessary;
6. Data to be processed in accordance with the data subject's rights;
7. Data to be secure;
8. Data not to be transferred to countries without adequate protection