Page 89 - Cyber Warnings
P. 89
Lawfulness, Fairness That the collected data shall be transmitted and processed in
and Transparency a lawful, fair and transparent manner such that the data
processor and data controller are clear on what is the type of
data and what is the intended purpose for using it
Accuracy That the collected data shall be kept up to date
Data minimization That the collected data shall be relevant and limited to what is
necessary for fulfilling the declared purpose(s) only
Storage limitation That the collected data shall be not retained and/or stored
beyond when it has fulfilled its declared purpose(s)
Confidentiality and That the collected data shall be processed in a manner that
Integrity ensures appropriate security of the personal data
Accountability That the collected data shall be used to enable the data
controller demonstrate compliance with these data protection
principles and maintain the records of appropriate processing
activities
Exceptions to GDPR
GDPR is not applicable in the following circumstances -
1. When the information is processed purely for personal or in-house purposes
2. When the information is processed by competent authorities (such as involving
criminal investigations)
3. For companies with <250 employees, unless the processing of the personal data
poses high risk, there is no need to designate a data protection officer (DPO)
4. When data processing is a subsidiary activity so it’s not compulsory to maintain
documentation related with data processing operations
89 Cyber Warnings E-Magazine – April 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
