GDPR Principles

Information Commissioner's Office framework for GDPR compliance, providing principles for lawful, fair, and transparent data processing while protecting individual privacy rights.

Lawfulness, fairness and transparency

Data should be processed lawfully, fairly and in a transparent manner.
Purpose limitations

Collected for specified, explicit and legitimate purposes.
Data minimisation

Adequate, relevant and limited to what is necessary.
Accuracy

Accurate and, where necessary, kept up-to-date.
Storage limitations

Retained only for as long as necessary.
Integrity and confidentiality

Processed in an appropriate manner to maintain security.

Edit this page

Know of a set of design principles that should be here? Contribute an example

Lawfulness, fairness and transparency

Purpose limitations

Data minimisation

Accuracy

Storage limitations

Integrity and confidentiality

Related principles

Practical guidance for better design decisions

Practical guidance for
better design decisions