Data minimisation. As a general principle, you should gather and retain no more Card Data or other sensitive data than you need. Holding Card Data and personal data creates a risk of liability to you, and you can reduce that risk by taking and holding less data. If you store Card Data, consider carefully the need to do so: PayPal must refund a payment which lacks its payer’s authorisation, and if the user will authorise a further payment, the user will generally also give you up-to- date Card Data again, so you may have little need to store Card Data for future use. Card Data that you do not have is data that you cannot spill if you suffer a Data Breach.
Data minimisation. As a general principle, you should gather and retain no more Card Data or other sensitive data than you need. Holding Card Data and personal data creates a risk of liability to you, and you can reduce that risk by taking and holding less data. If you store Card Data, consider carefully the need to do so: PayPal must refund a payment which lacks its payer’s authorisation, and if the user will authorise a further payment, the user will generally also give you up-to- date Card Data again, so you may have little need to store Card Data for future
Data minimisation. 7.1 Personal Data will be shared on a strict need to know basis only, and will only comprise the Personal Data necessary to give effect to the Services Agreement;
7.2 The sharing of the Personal Data is both necessary and proportionate in order to give effect to the Services Agreement;
7.3 To ensure the Shared Personal Data is not irrelevant or excessive for the Agreed Purposes, Personal Data to be shared shall be limited to that which is necessary to give effect to the Services Agreement, and shall not be held for longer than is permitted by applicable Data Protection Legislation.
Data minimisation. The following measures shall be taken to ensure the Shared Personal Data is not irrelevant or excessive for the Agreed Purposes:
1. the Shared Personal Data shall not include Data Subjects who have opted-out of the Initiative
2. Data from the Office of National Statistics’ Secure Research Services (SRS) is pseudonymised by ONS
Data minimisation minimise the amount of personal data collected, minimise the number of privacy stakeholders and people to whom personal data is disclosed, offer as default non-privacy invasive options, and delete personal data whenever the purpose for processing has expired.
Data minimisation. 9.1 Personal Data must be adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed.
9.2 You may only Process Personal Data when performing your job duties requires it. You cannot Process Personal Data for any reason unrelated to your job duties.
9.3 You may only collect Personal Data that you require for your job duties: do not collect excessive data. Ensure any Personal Data collected is adequate and relevant for the intended purposes.
9.4 You must ensure that when Personal Data is no longer needed for specified purposes, it is deleted or anonymised in accordance with the Company's data retention guidelines.
Data minimisation. Personal Data must be adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed. The employee may only Process Personal Data when performing their job duties requires it. The employee cannot Process Personal Data for any reason unrelated to their job duties. The employee may only collect Personal Data that they require for your job duties: do not collect excessive data. Ensure any Personal Data collected is adequate and relevant for the intended purposes. The employee must ensure that when Personal Data is no longer needed for specified purposes, it is deleted or anonymised in accordance with the employer’s data retention guidelines.
Data minimisation. You must ensure that personal data you process is adequate, relevant and limited to what is necessary in relation to your processing purpose.
Data minimisation. Process and store only necessary personal data.
Data minimisation. 14.1. We will restrict the processing of Personal Information to data which is sufficient for the fulfilment of the primary purpose and applicable legitimate purpose for which it was collected.