purpose of the data protection act 2018
-keep personal data safe
-e.g. name, address, DOB
7 features of the data protection act
-purpose limitation
-lawfulness, fairness and transparency
-data minimisation
-accuracy
-storage limitation
-integrity and confidentiality
-accountability
purpose limitation
-cannot use data for things outside of the given purpose
lawfulness, fairness and transparency
-must have legitimate grounds for the collection of data
-must not use data in ways the user would not reasonably expect
-must not have adverse effects or unlawful activity
data minimisation
-must not collect more data than necessary and sufficient for the purpose
accuracy
-reasonable steps must be taken to retain accuracy of data
-should be updated when necessary
strorage limitation
-data must not be kept for longer than the purpose needs it to be
-must delete out of date data
integrity and confidentiality
-must be clear who is responsible for the security of the data
-must implement effective security tools and respond to breaches immediately
