There are 7 principles set out in Article 5 of the GDPR -
6 principles which apply to the processing of personal data:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality
together with the overarching principle of 'accountability' which requires a controller to demonstrate compliance with the personal data processing principles.
Infringement of the basic principles for processing is subject to a fine of up to €20,000,000.
Please see the "Closer Look" guidance on the processing principles below.