Storage limitations – data must not be stored for longer than necessary.
Integrity and confidentiality – data processors must handle personal data in a way that ensures the appropriate security and protection against unlawful processing or accidental loss, destruction or damage.
Accountability – on top of these, and unlike under the data protection act 1998, GDPR states that the data controller and data processor are equally accountable for their own controls with regards to each of the above.
Although GDPR offers general compliance guidelines, how you achieve compliance can be open to interpretation, meaning that you need to know what your responsibilities are and what needs to be done to adhere to the regulation. The good news is that no matter which stage you’re at in your compliance journey, we’re here to share our knowledge and help you along the way.