Data Protection Principles

Data Protection Principles advert image shown if present

Image shown for entry if relevant and present

The Data Protection Act 2018 sets out six data protection principles, covering Sections 86 to 91 (within Part 4: Chapter 2).
S.86 First data protection principle (DPP): â€œthe processing of personal data must be â€¦ lawful, â€¦ [as well] as fair and transparent.â€
S.87 Second DPP: â€œthe purpose for which personal data is collected â€¦ must be specified, explicit and legitimate, and â€¦ [it must] not be processed in a manner that is incompatible with the purpose for which it is collected.â€
S.88 Third DPP: â€œpersonal data must be adequate, relevant and not excessive in relation to the purpose for which it is processed.â€
S.89 Fourth DPP: â€œpersonal data undergoing processing must be accurate and, where necessary, kept up to date.â€
S.90 Fifth DPP: â€œpersonal data must be kept for no longer than is necessary for the purpose for which it is processed.â€
S.91 Sixth DPP: â€œpersonal data must be processed in a manner that includes taking appropriate security measures as regards risks that arise from processing personal data.â€