Skip to main content

Data Minimisation

What is Data Minimisation?

Data Minimisation is a principle that states that data collected and processed should not be held or further used unless this is essential for reasons that were clearly stated in advance to support data and privacy. In the GDPR, this is defined as data that is:

  • Adequate
  • Relevant
  • Limited to what is necessary for the purposes for which they are processed.

Why is it important to minimise your data?

Apart from the fact the Data Minimisation principle is being reviewed and strengthened by the new General Data Protection Regulation (GDPR) and there are new obligations for personal data, it also represents best practice with maintaining customer trust and reducing the risk of unauthorised access and other security threats.

How can you practise Data Minimisation?

When collecting data, remember to ask yourself several questions for each point of data you are planning to collect:

  1. Does the individual know I am collecting the data?
  2. How am I planning to use this data?
  3. Does the individual know why I am collecting the data?
  4. Is there a way of achieving this purpose without having to collect the data?
  5. How long will I need the data for to achieve the purpose?

Asking yourself these questions will help you understand what data you do and don’t need at any one stage, and therefore what data can therefore be erased.

How can you promote Data Minimisation?