Answering the questions below during the DPIA process will help you to identify where there is a risk that the project will fail to comply with the Law's seven data protection principles.
PRINCIPLE 1: Lawfulness, Fairness and Transparency
Personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject
PRINCIPLE 2: Purpose Limitation
Personal data must not be collected except for a specific, explicit and legitimate purpose, and once collected must not be further processed in a manner incompatible with the purpose for which it was collected.
PRINCIPLE 3: Minimisation
Personal data processed must be adequate, relevant and limited to what is necessary in relation to the purpose for which it was processed.
PRINCIPLE 4: Accuracy
Personal data processed must be accurate and where applicable, kept up to date, and reasonable steps must be taken to ensure that personal data that is inaccurate (having regard to the purpose for which it is processed) is erased or corrected without delay.
PRINCIPLE 5: Storage Limitation
Personal data must not be kept in a form that permits identification of the data subject any longer than is necessary for the purpose for which it is processed.
PRINCIPLE 6: Integrity and Confidentiality
Personal data must be processed in a manner that ensures its security appropriately, including protecting it against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
PRINCIPLE 7: Accountability
The controller is responsible for, and must be able to demonstrate, compliance with the data protection principles
The Bailiwick of Guernsey's independent supervisory authority which regulates data protection legislation. The ODPA protects people by driving responsible use of personal information through helping organisations get it right, deterring harmful information handling, and taking enforcement action against significant non-compliance
Receive regular information and statistics related to our activities and governance
Sign up nowReceive regular information and statistics related to our activities and governance
Sign up nowThe Office of the Data Protection Authority
+44 (0)1481 742074 info@odpa.gg
Block A, Lefebvre Court, Lefebvre Street, St Peter Port, GY1 2JP
Newsletters sign-up Data Processing Notice Careers Cookies
Website by & Indulge
© 2024 The Office of the Data Protection Authority.