The Data Protection Principles Sample Clauses
The Data Protection Principles clause sets out the fundamental rules and standards for handling personal data within an agreement. It typically requires parties to process personal information lawfully, fairly, and transparently, and to implement appropriate security measures to protect such data. For example, it may specify obligations to limit data collection to what is necessary, ensure data accuracy, and respect individuals' rights regarding their information. The core function of this clause is to ensure compliance with data protection laws, such as the GDPR, and to mitigate the risk of data breaches or misuse of personal data.
The Data Protection Principles. The GDPR sets out the following principles with which any party handling personal data must comply. All personal data must be:
14.3.1 Processed lawfully, fairly, and in a transparent manner in relation to the data subject.
14.3.2 Collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes. Further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
14.3.3 Adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
14.3.4 Accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased, or rectified without delay.
14.3.5 Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed. Personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of the data subject.
14.3.6 Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
The Data Protection Principles. This Policy aims to ensure compliance with Data Protection Legislation. Data Protection Legislation sets out eight principles with which any party handling personal data must comply. All personal data:
2.1.1. Must be processed fairly and lawfully (and shall not be processed unless certain conditions are met);
2.1.2. Must be obtained only for specified and lawful purposes and shall not be processed in any manner which is incompatible with those purposes;
2.1.3. Must be adequate, relevant and not excessive with respect to the purposes for which it is processed;
2.1.4. Must be accurate and, where appropriate, kept up-to-date;
2.1.5. Must be kept for no longer than is necessary in light of the purpose(s) for which it is processed;
2.1.6. Must be processed in accordance with the rights of Data Subjects under Data Protection Legislation;
2.1.7. Must be protected against unauthorised or unlawful processing, accidental loss, destruction or damage through appropriate technical and organisational measures; and
2.1.8. Must not be transferred to a country or territory outside of the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of Data Subjects in relation to the processing of personal data.
The Data Protection Principles. The Parties have entered into this Agreement to assist them with Processing Personal Data in accordance with the data processing principles set out in the General Data Protection Regulations. Those principles are, in summary that Personal Data shall be:
(a) processed lawfully, fairly and in a transparent manner;
(b) collected for specified, explicit and legitimate purposes;
(c) adequate, relevant and limited to what is necessary;
(d) accurate and, where necessary, kept up to date;
(e) kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data are Processed; and
(f) processed in a manner that ensures appropriate security of the Personal Data. Furthermore, accountability is central to GDPR: the GP Contractor and the Health Board are responsible for compliance with these principles and must be able to demonstrate this to Patients and the appropriate supervisory authority.
The Data Protection Principles. 6.1 This Policy aims to ensure compliance with Data Protection Law. The UK GDPR sets out the following principles with which any party handling Personal Data must comply. Controllers are responsible for, and must be able to demonstrate, such compliance. All Personal Data must be:
a) Processed lawfully, fairly, and in a transparent manner in relation to the Data Subject;
b) collected for specified, explicit, and legitimate purposes and not further Processed in a manner that is incompatible with those purposes. Further Processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
c) adequate, relevant, and limited to what is necessary in relation to the purposes for which it is Processed;
d) accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that Personal Data that is inaccurate, having regard to the purposes for which it is Processed, is erased, or rectified without delay;
e) kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data is Processed. Personal Data may be stored for longer periods insofar as the Personal Data will be Processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, subject to implementation of the appropriate technical and organisational measures required by the UK GDPR in order to safeguard the rights and freedoms of the Data Subject;
f) Processed in a manner that ensures appropriate security of the Personal Data, including protection against unauthorised or unlawful Processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
The Data Protection Principles. The Parties have entered into this Agreement to assist them with Processing Personal Data in accordance with the data processing principles set out in the General Data Protection Regulations. Those principles are, in summary that Personal Data shall be: