A breakdown of the key principles of GDPR

Charlotte Baker 2 mins

In our blog Getting to Know The Basics of GDPR, we told you we’d soon be delving deeper into the core principles of GDPR. As promised, here’s what the key areas are and what they mean for your marketing.

There are 6 core principles that underpin GDPR, which state that data should be…

1. Processed in a lawful, fair and transparent manner

The first principle covers how your customer data should be handled. Any personal data must be processed in an honest and objective way.
This means you’ll have to adjust how you currently talk to your customers – on your website or email marketing. You will need to clearly explain the type of data you wish to collect, why you’re collecting it and how you plan to use it.

2. Used for the purpose the customer has agreed to

You must use your customer’s personal data for only legitimate, specific purposes. The main way to guarantee that you’re using their data properly is to gain their consent. Your customers will therefore need to read and agree to how you’re going to use their data before they give you it. We explain how to do this in our Top Tips to get GDPR-ready blog.

3. Limited to what it is needed for

Similar to the second principle, you should only gather data that you are going to need in order to carry out the task at hand. For example, if you only need 1 customer address, then only ask for 1.
Keeping data to a minimum will help to prevent you from breaching any regulations and improve the quality of your data.

4. Accurate and kept up to date

The personal data you collect, store and record should be accurate, and if possible, kept up-to-date. If you are unable to follow this regulation, then this data must be removed from your database.
Of course, it is possible that you may not know how accurate your is or isn’t, but this can be partly addressed by how you retain data.

5. Stored for no longer than necessary

The data you collect should be kept for no longer than is necessary for what you intend to use it for. If you no longer need the data you’ve collected it should be deleted.

6. Stored securely

The final principle talks about the security of the data you hold. This covers more than getting hacked. It includes the potential loss of data, as well as if unauthorised people have access to the data. You should therefore put security measures in place to prevent theft and damage.


comments for this post are closed