The General Data Protection Regulation UK Spelling - Page 8

Compliance

Under the GDPR, you are accountable for complying with the principles that personal data is:

• processed lawfully, fairly and in a transparent manner
• collected for a specified explicit and legitimate purpose
• adequate, relevant and limited to what is necessary and kept for no longer than necessary
• accurate and up to date
• secure

Although the principles of accountability and transparency have previously been implicit requirements of data protection law, the GDPR's emphasis elevates their significance. Under the new legislation, you must be able to demonstrate and prove your compliance. You are obliged to implement technical and organisational measures to provide evidence that you have considered and integrated data protection into your processing activities and data protection must be at the heart of everything you do. In addition, data can only be transferred to organisations with adequate safeguards.

Article 5(2) requires that: "the controller shall be responsible for, and be able to demonstrate, compliance with the principles."