Frequently Asked Questions and Answers from Termly’s Legal Experts

What are the 7 principles of the GDPR?

The 7 principles of the GDPR are:

  1. Lawfulness, fairness, and transparency: Organizations should be clear and transparent about how personal data will be used. Data must be collected lawfully and only used for its stated purpose.
  2. Purpose limitation: Organizations must have legitimate reasons for collecting and processing personal information. Personal data can only be used for stated purposes and any other uses require user consent.
  3. Data minimization: Data minimization means only the minimum amount of data required for the processing purpose should be collected.
  4. Accuracy: Steps should be taken to ensure the personal data collected is accurate and up to date. Inaccurate data that cannot be corrected, should be erased.
  5. Storage limitation: Personal data should only be kept long enough for the data to be processed for its stated purpose.
  6. Integrity and confidentiality: Organizations should have security measures in place to protect the collected personal data from unlawful use, accidental loss, and destruction.
  7. Accountability: Organizations are accountable for proper personal data handling and GDPR compliance.

Related Questions

There’s more to GDPR compliance than these 7 core principles.

A deeper understanding of what the GDPR is will help you determine the steps needed for GDPR compliance.

Trusted by Thousands

Trusted by thousands of companies worldwide, Termly’s intuitive software generates legal policies and handles consent management for any business in minutes.

Brand Logo FIS Brand Logo Eggland Brand Logo Veeps Brand Logo Hertz Brand Logo K2 Sports Brand Logo Law Insider
Termly Bolt
Try Termly’s Compliance Solutions For Free!
Get Compliant
Jona, Senior Product Manager @ Termly

Termly allows our users to focus more on their business instead of spending countless hours figuring out data privacy compliance. - Jona, Senior Product Manager @ Termly