Core Principles of Data Protection

by | Apr 23, 2025 | Uncategorized

Core Principles of Data Protection

And the rights of individuals 

Core Principles of Data Protection 
Data must be processed lawfully, fairly and in a transparent manner
Data must be collected for specified, explicit and legitimate purposes
The data collected must be adequate, relevant and limited to what is needed
Data should be accurate, and where necessary, kept up to date
Data is kept no longer than necessary for the processing
Data must be processed in a manner that ensures appropriate security by technical and organisational measures


The Rights of Individuals
To be informed
To access
To rectification
The right to object to processing
The right to restrict processing
The right to erasure or the right to be forgotten
The right to data portability
Rights in relation to automated decision making and profiling
Collecting Staff Vaccination Data

Collecting Staff Vaccination Data

Collecting Staff Vaccination Data There is no quick answer as to whether schools are legally permitted to collect vaccination data.   As well as considerations under data protection law, employers must also be mindful of obligations arising under areas such as...

Sharing Personal Data with the Police

Sharing Personal Data with the Police

One of the most common questions we get asked concerns sharing data with law enforcement offices. The UK GDPR does not prevent you sharing personal data with such bodies such as the police (known under data protection law as “competent authorities”) who are...

New Data Retention Guidance

New Data Retention Guidance

This is a subtitle for your new post The UK government recently issued updated guidance on record keeping for academies and trusts to assist them with their record keeping obligations.  Click here to be taken to the Government site....