Under the EU general data protection regulation (GDPR), any data processing activities must be compliant with six privacy principles, which are the cornerstone of the european privacy regulation and most international privacy laws.
The privacy principles are set out in article 5 GDPR and are as follows :
Lawfulness, fairness and transparency
Purpose limitation
Data minimisation
Accuracy
Storage limitation
Security
Accountability