What are the basic rules of the GDPR?

Here are the basic rules of the GDPR:

Fair data processing: Process personal data in a lawful, fair, and transparent manner.
Purpose limitation and consent: Process data only for necessary purposes unless additional user consent is obtained.
Data minimization and store limitation: Only collect as much personal data as needed, and don’t store data for longer than is necessary.
Privacy by Design: Proactively integrate data protection into the design of new products and systems.
Data subject rights: Honor users’ rights to request the access, correction, deletion, or transfer of their data.
Data breach notification: If there’s a data breach, inform data protection authorities within 72 hours, and inform users as soon as possible.

Related Questions

Are email addresses personal data? Do I need a cookie policy on my website? Do you need consent for cookies? Does CCPA apply to B2B businesses? Does GDPR apply to companies or individuals? Does GDPR apply to EU citizens in the US?

The GDPR doesn’t need to be as complicated as it sounds.

A GDPR for dummies guide can help you learn the key points of the GDPR without having to interpret the legislation.

Trusted by Thousands

Trusted by thousands of companies worldwide, Termly’s intuitive software generates legal policies and handles consent management for any business in minutes.

Try Termly’s Compliance Solutions For Free!

Get Compliant

Termly allows our users to focus more on their business instead of spending countless hours figuring out data privacy compliance. - Jona, Director of Product @ Termly