Minimisation of data
Personal data may only be processed when necessary for the purposes of the processing.
The personal data being processed must be
- appropriate, i.e. data that can be used to fulfil a specified purpose of processing
- relevant, i.e. with a clear connection to a specified purpose of processing and
- limited, i.e. necessary for a specified purpose of processing.
Personal data may not be collected or processed to an extent greater than necessary for the purposes of processing.
Accurately assessing the required amount of personal data requires identifying the reason for which the personal data is necessary. The purpose of processing helps define which personal data is necessary for fulfilling the purpose. Controllers are also required to assess and justify the necessity of data when data subjects exercise their rights, such as the right to rectification or erasure of the data, or the right to object to the processing.
In addition to the data subjects as a whole, the necessity of personal data must also be evaluated individually for each data subject. For example, information on allergies can be necessary for individual data subjects and meals when the personal data is being processed in connection with catering services.
The risk entailed by the processing of personal data can be mitigated by minimising the amount of personal data being processed, for example through the pseudonymisation and anonymisation of personal data.
The storage time of personal data must also be minimised, and no personal data should be stored just in case. The processing of personal data is only permitted when the purpose of the processing cannot be achieved through other means.
The controller is responsible for compliance with data protection regulations for as long as it stores or otherwise processes personal data. The requirement of the minimisation of data is closely connected to the principle of storage limitation.