The 12 Fair Data Principles

  1. CONSENT.
    GDPR: Lawfulness, Fairness and Transparency
    We will ensure that all personal data is processed in line with the reasonable expectations of individuals of our use of their personal data.
  2. DATA PURPOSE.
    GDPR: Purpose limitation, Transparency, Data minimisation
    We will only use data for specified purposes and be open with individuals about the use of their data, respecting individuals’ wishes about the use of their data.
  3. DATA ACCESS.
    GDPR: Data minimisation, Accuracy, Data retention, Data subject rights
    We will make sure that individuals have easy access to their personal data that we hold, and that we tell them how we use it and how they can exercise their rights over it.
  4. DATA SECURITY AND TRANSFER.
    GDPR: Integrity and confidentiality
    We will only collect personal data that we need and will protect it and keep it secure removing personal data as soon as it is no longer needed.
  5. PROTECTION / AVOIDANCE OF HARM.
    GDPR: Integrity and confidentially
    We will ensure staff and all persons involved with our organisation understand that personal data is just that – personal – and ensure that it is treated ethically and with respect.
  6. VULNERABLE ADULTS AND CHILDREN.
    GDPR: Lawfulness, Fairness, Transparency
    We will ensure that the vulnerable and under-age are properly protected by the processes we use for data collection, use and management.
  7. SUPPLY CHAIN AND CLIENTS/SUPPLIERS.
    GDPR: Ethical safeguards and best practice
    We will manage our data supply chain to the same ethical standards we expect from other suppliers.
  8. CLIENTS/SUPPLIERS AND SUPPLY CHAIN.
    GDPR: Ethical safeguards and best practice
    We will ensure that ethical best practice in personal data is integral to our procurement process.
  9. INTEGRITY AND STAFF DEVELOPMENT.
    GDPR: Accountability
    We will ensure that all staff and persons involved with our organisation who have access to personal data are properly trained in its use.
  10. PRIVACY BY DESIGN AND DEFAULT.
    GDPR: Privacy by design and default, Data subject rights
    We will ensure that privacy vulnerability is risk assessed and controls to protect privacy are embedded in the design and development of all our processes including our software, systems and services for the collection and use of personal data.
  11. COMPLIANCE.
    GDPR: Accountability
    We will ensure that we can adequately resource and demonstrate our responsibility for compliance with data protection requirements.
  12. PROFESSIONAL REPUTATION.
    Accountability
    We will only use personal data if we are confident that the Fair Data Principles have been applied throughout our organisation.
Error: