Personal data cannot be transferred to countries outside the European Economic Area (EEA)
Appropriate security measures must be taken against unauthorised access
Personal data should be accurate and kept up-to-date
Personal data should be adequate, relevant and not excessive for the required purpose
Data must be processed in accordance with the rights of the data subject
Personal data can be held only for specified and lawful purposes
Personal data cannot be transferred to countries outside the European Economic Area (EEA)
Personal data should be obtained and processed fairly and lawfully
Data must be processed in accordance with the rights of the data subject
Personal data should be adequate, relevant and not excessive for the required purpose
Personal data should be accurate and kept up-to-date
Personal data can be held only for specified and lawful purposes
Personal data should not be kept for longer than is necessary
Personal data should be obtained and processed fairly and lawfully
Personal data should not be kept for longer than is necessary
Appropriate security measures must be taken against unauthorised access
