The data minimization principle in the GDPR
In business, it is often said that, in case of doubt, it is better to collect and store more information than necessary from a customer because the additional information could be useful at some point. However, it is often overlooked that the vast majority of this additional information is never used and that the actual useful information is more difficult to find among the usually quite extensive data collections.
In addition, extensive data collection requires corresponding resources, e.g. working time and money. Irrespective of this, it regularly violates the so-called data minimization principle of the GDPR.
What is data minimization and how can you implement the requirements of the GDPR?
Importance of the data minimization principle under the GDPR
Definition of the data minimization principle
Article 5 of the General Data Protection Regulation (GDPR) lists the essential basic principles of data protection that must be observed when processing personal data. These include data minimization.
As part of the requirements for data minimization, the GDPR provides that personal data must be "appropriate and relevant to the purpose" and "limited to the extent necessary for the purposes of the processing". This means that the following requirements should be observed:
The collection of data must be suitable for achieving the defined purposes of the processing. When registering for a newsletter, for example, the collection of the data subject's address is not suitable for fulfilling the purpose (sending the digital newsletter by email), so the address may not be collected for this purpose when registering for an e-newsletter. The situation is different when registering to receive a monthly product catalog that is sent by post.
However, the fact that the collection of a certain type of data is appropriate to achieve the purpose of the processing is not enough on its own. The data minimization principle also presupposes that this collection is necessary, because the goal of the processing cannot be achieved otherwise. An example: The purpose of collecting biometric data as part of a fingerprint check at the entrance to a building is to prevent unauthorized access. It would also be possible to use the fingerprint check to record the working hours of employees in Germany. However, this purpose can be fulfilled (without the use of special data categories), for example, via a time clock or separate software, both of which should be milder means than fingerprint recognition, which involves processing special categories of data (biometric data).
The fact that the collection of certain data is suitable and necessary to achieve the purpose is not always sufficient. The context of the processing of the data also plays a role. For example, a geolocation system may be installed on a truck for the purpose of effective route planning, but it may only be active during the driver's working hours. Another example is video surveillance. It can be used for the purpose of building security and theft prevention. However, cameras may only be used in certain areas: e.g. at the entrance to the building, but not in the changing rooms.
Is data minimization good or bad for you as a company?
For many, data minimization initially appears to benefit only the people whose data is being processed ("data subjects": customers, website visitors, etc.), and entrepreneurs usually regard it as a limitation of their scope of action. Yet data minimization and data economy are also in the interests of companies. Apart from the avoidance of any sanctions, including fines for a data protection breach, forgoing data retention makes it easier to retrieve useful data. By freeing up space for data storage, you can also save resources.
The creation and review of the record of processing activities is a good opportunity to tidy up the processes you use and the data you store. Superfluous procedures are eliminated. Data whose processing you cannot justify will be deleted. Apart from data that you have stored, this also applies to data that you can no longer identify. For example, if you have contact details of people but no longer know who they are and in what context the data was collected, it is a sign that this data should no longer be stored.
It is important to understand here that data minimization does not mean a ban on the collection of certain data, but only that you must have a justification for its collection and processing as a whole.
In addition, data minimization is increasingly important for customer trust. If customers realize that "tricks" are being used to learn more about them than what is necessary, they may decide not to continue working with the company.
What rights does a data subject have if the data minimization principle is disregarded?
Data subjects have all the rights set out in Chapter III and Article 77 of the GDPR. In particular, they have the right to deletion of the data if it is not necessary for achieving the purpose of the processing.
What is the maximum length of time you can store data?
At some point, data must also be deleted, namely when there is no longer any need or obligation to store it. The specific retention periods are highly dependent on the context of the data processing. The creation and implementation of a deletion concept is therefore highly recommended. In simplified terms, the existing data is categorized and assigned deadlines according to necessity; in particular, the statutory and industry-standard retention periods must be observed. As part of the concept, the retention periods for different categories of data that are stored together are harmonized and a common period is defined for these. However, a time limit alone is not sufficient, as it must also be determined when this period begins. For example, it could be specified that the period for deletion of a customer file begins as soon as there has been no contact with the customer for three years.
How do you ensure data minimization?
What question do you need to ask yourself?
For each data processing operation, you must ask yourself which data is required to achieve the purpose. All other data ("data retention") cannot be processed within this framework, or a separate authorization standard/legal basis must be used for this (e.g. consent).
Transparency is also very important. Do not hide references to data processing in long contract texts or make the conclusion of the contract dependent on consent to another processing operation. For example, you should only mark those fields in a form as mandatory fields that are necessary to achieve the purpose of the main processing.
Another example: As a rule, you do not need information about whether a customer has children or when they have been on vacation for the purpose of performing a contract. This information can therefore not be processed on the basis of Article 6(2)(b) of the GDPR ("fulfillment of the contract"). However, as a seller you naturally have a legitimate interest in creating a basis of trust with the customer and exchanging some private information for this purpose. This information can be processed on the basis of the consent of the customer for the purpose of good customer relations. However, you should be the only person who has access to this information; the elements must not be entered in a CRM, for example. If another salesperson takes over the customer, you may not pass on this information.
Data protection-friendly default settings as implementation of the data minimization principle
The data minimization principle overlaps with the principle of data protection-friendly default settings (privacy by design), which is set out in Art. 25 (2) GDPR.
This principle states that suitable technical and organizational measures must ensure that, by default, only personal data whose processing is necessary for the specific processing purpose in question is processed. The principle concerns, among other things, the means that must actually be implemented so that the data minimization principle is observed. For example, optional fields and mandatory fields in a form must be easily distinguishable from each other for the customer.
In addition to data protection-friendly default settings that implement the data minimization principle, we recommend that you avoid free-form input fields on forms and prefer drop-down selection options or checkboxes if they are not contact forms and where only certain data is required. If people do not know what to enter, there is a risk that they will provide information that is unnecessary for the processing.
As a second example, we would like to mention the issue of comment fields in files that are maintained by your employees. Supervisory authorities have, for example, imposed fines because call center employees entered very precise information about customers that was not relevant to the purpose of the processing (about their health, ...), sometimes even with offensive remarks, in comment fields of the CRM system. Apart from the necessary data protection training of your employees, we recommend that you set up a warning banner for the use of such comment fields, or restrict the entries using drop-down menus.
Conclusion: how can you successfully implement a data minimization initiative?
You must evaluate all personal data that you have in your database by asking, for each processing operation, whether the data that is collected is in line with this principle. Then you must check whether the unnecessary data collected may be processed in a different context. Finally, you must delete the data for which no framework can be found and you may no longer collect this data in the future.
The collection of information for the record of processing activities should actually give you many elements that allow you to get a picture of the state of your organization in terms of the data minimization principle.
How can 2B Advice help you implement the data minimization principle?
We can help you determine when data is necessary for a processing operation and advise on alternative frameworks for processing the additional data, if this is possible. As a rule, we carry out this work as part of the creation or updating of a directory, as part of external data protection officer mandates or as part of a special assignment for this purpose. In addition, we provide you with advice on the best implementation of data protection-friendly default settings.





