In order for our site to work, small files called ‘cookies’ have been placed on your device. These mandatory cookies do not process any personal data.
We would also like to use analytics cookies to understand how our site is used by visitors and then use this information to improve our site and the experience of using our site. The service we use is Google Analytics.
Please indicate whether or not you are happy to allow the use of these analytics cookies by selecting one of the options below. You can read more about our cookies before you choose and read our Privacy Notice to find out more information on how we use your personal data
Answering the questions below during the DPIA process will help you to identify where there is a risk that the project will fail to comply with the Law's seven data protection principles.
PRINCIPLE 1: Lawfulness, Fairness and Transparency
Personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject
PRINCIPLE 2: Purpose Limitation
Personal data must not be collected except for a specific, explicit and legitimate purpose, and once collected must not be further processed in a manner incompatible with the purpose for which it was collected.
PRINCIPLE 3: Minimisation
Personal data processed must be adequate, relevant and limited to what is necessary in relation to the purpose for which it was processed.
PRINCIPLE 4: Accuracy
Personal data processed must be accurate and where applicable, kept up to date, and reasonable steps must be taken to ensure that personal data that is inaccurate (having regard to the purpose for which it is processed) is erased or corrected without delay.
PRINCIPLE 5: Storage Limitation
Personal data must not be kept in a form that permits identification of the data subject any longer than is necessary for the purpose for which it is processed.
PRINCIPLE 6: Integrity and Confidentiality
Personal data must be processed in a manner that ensures its security appropriately, including protecting it against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
PRINCIPLE 7: Accountability
The controller is responsible for, and must be able to demonstrate, compliance with the data protection principles