GDPR: What is Data Minimization?
Adequate, relevant and limited to what is necessary
I have writing frequently about European General Data Protection Regulation (GDPR) these days. If you have missed my previous articles, you can check out those here —
- GDPR in Action — Step by step guide
- Dear Medium bloggers, you are GDPR ready?
- GDPR Sec 4 Article 37/38/39 — Why do you need to hire a Data Protection Officer?
Since I trying go over each and every section in GDPR, I see one particular word being used multiple times — Data Minimization
In this article, I intend to explore the details of Data Minimization.
What is Data Minimization?
According to GDPR, Chapter 2, Article 5 — Principles relating to processing of personal data,
Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
This means — in the context of personal data, only collect, store and process what is adequate, relevant and limited to your business case. There is no clear definition of what personal data should be collected and what should not be. It is…
