The GDPR sets out six key principles. To ensure compliance the University must act in accordance with these principles. In brief, these are:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage information
- Integrity and confidentiality (security)
In addition, the University must be able to demonstrate its compliance with the principles. This is referred to as the accountability principle.
See the in full.