General Data Protection Regulation GDPR

What you need to know.

• 7 principles: lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity + confidentiality, accountability
• 8 data subject rights: access, rectification, erasure, restrict processing, data portability, object, automated decision-making, withdraw consent
• DPO required for large-scale processing
• DPIA required for high-risk processing
• 72-hour breach notification