1. Determine in advance
- for which purpose you intend to use personal data
- what the legal basis of processing is
- what types of information you can collect based on the purposes of use
- how you collect the data in practice.
2. Tell about the processing openly and understandably to the persons whose data you are processing.
3. Observe confidentiality and security.
- Process the data in an information secure manner and according to their purpose of use based on the controller's instructions.
- Limit the right of use to the data appropriately.
- Do not disclose or publish the data in the internet without grounds.
- Remember your obligation to report any data breaches concerning personal data.
4. Always update personal data where necessary. Remove inaccurate and incorrect personal data or adjust them immediately.
5. Remove personal data immediately when you no longer need them for the purposes of processing.
6. Make sure that the data subject's rights are observed. For example, the data subject has the right to obtain information on the processing of their personal data and to remove their data. The scope of the rights depends on the legal basis for the processing of personal data.
7. Remember documentation. You must be able to prove that you observe the data protection legislation.
8. Observe the data controller's responsibilities if you use the services of a data analysis company or social media platforms, for instance. Check that the information received from a third party or service provider have been obtained legally.
The data protection legislation and principles must always be observed when processing personal data.