The GDPR is based on several fundamental principles regarding personal data, in particular:
– the principle of finality of the data: the collection of the data must have a legitimate objective for the activity of the site.
– the security principle: the file containing the data must guarantee the security of the data it contains as well as possible.
– the principle of confidentiality: confidentiality of the data is an important element; the data must be pseudonymized and/or encrypted if possible.
– the principle of relevance: only data that is relevant and essential to the activity must be collected by the site.
– the principle of transparency: the site collecting data must be transparent about the use it will make of the data, in particular its possible use by third parties.
– the principle of respect for rights: all rights related to data (access, rectification, opposition, deletion) must be guaranteed.
– the retention principle: the duration of data retention must be clearly indicated, and the data must be deleted once this period has expired.