There are seven key principles under GDPR as follows:
- Lawful fair and transparent processing.
- Purpose Limitation.
- Data minimisation.
- Accurate and up to date processing.
- Limitation of storage in the form that permits identification.
- Confidential and secure.
- Accountability and liability.