This finally puts an end to the Phone Number Database discussion whether an IP address, license plate, nickname or “that gentleman on the back seat with the red shirt” is personal data. They are: they identify someone by a Phone Number Database certain identifier, and that's enough. This also means that the scope of the Regulation is becoming a lot broader. After all, it applies to any processing of such personal data. Six Processing Phone Number Database Principles The Regulation formulates no fewer than six principles within which any processing must remain: Lawfulness: data must be processed in a fair and transparent manner.
Purpose limitation: data must only Phone Number Database be processed for a specified, explicit and legitimate purpose; Minimization: only the data that is sufficient, relevant and no more than necessary should be processed; Accuracy: data must Phone Number Database be correct and current; Storage limitation: data must be anonymised/deleted as soon as identifiability is no longer necessary; Integrity and confidentiality: appropriate Phone Number Database technical and organizational measures must secure and shield data.
In all cases, the burden of proof lies Phone Number Database with the person responsible (the organization that determines the goal and the means). This person must be able to demonstrate that the processing is based on these Phone Number Database principles, and must be able to justify this with, for example, a Privacy Impact Analysis (more about this below). Legality As under the Wbp, there are six grounds (consent, agreement, legal obligation, vital interests of the data subject, government task and own urgent interest) that can justify the processing of personal data.