GDPR in 3 mins - 1 of 7 Principles

Having gone through the scope and objective in our earlier Newsletters, let us discuss the protection and accountability principles of GDPR. I have copy-pasted the screenshot from the official website, and among the seven principles, we will discuss the first principle.

1. Lawfulness, fairness and transparency: ?

Processing must be lawful, fair, and transparent to the data subject.

The data collected from the data subject must be processed lawfully. What does it mean? Let me explain using a banking example.

Let us say that the Bank is collecting personal data from you for a specific purpose. So, before processing the data, the Bank must have gotten your consent to process the data for the stated purpose.

Also, in some cases, the processing is necessary for the performance of the contract itself. For example, if you swipe your card at the point of sale, the Bank has to process the data, such as credit-debit in the accounting books, to provide a banking service, a contract you have already entered.

To meet compliance and legal obligation to the local and Global Regulators and Govt authorities, the Bank has to process the data well within the lawful processing.

Before transferring the data from "One server to another server (computer storage), the data is encrypted. In this case, the processing is necessary to protect the vital interest of the data subject and hence it is lawful.

I hope this article has given you a high-level overview of the Seven principles of GDPR and some clarity on the first principle.

Views are Personal.

Image Credit:

Photo by CQF-Avocat: https://www.pexels.com/photo/scrabble-tiles-613508/

References and Additional Reading:

1. https://gdpr.eu/what-is-gdpr/
2. https://gdpr.eu/article-6-how-to-process-personal-data-legally/