The basic principles of German (and EU) data protection and security allow a comprehensive appraisal of what needs to be regarded, when using personal data.
- Personal data must be processed fairly and lawfully.
- Personal data must be collected for explicit and legitimate purposes and must be used accordingly.
- Personal data must be relevant and not excessive in relation to the legitimate purpose.
- Personal data must be accurate and if necessary kept up to date.
- The concerned individual (data subject) must be able to rectify, erase or block incorrect data.
- Personal data must not be kept longer than necessary.
- Personal data must be protected by appropriate technical and organizational measures against unauthorized or unlawful processing, accidental loss and destruction.