4. GDPR Principles

GDPR sets out the principles which data controllers (the Company) and data processors (whoever processes HR data - this could include processing in-house and/or externally e.g. an external payroll company) must comply with when processing personal data (Article 5). These principles form the core of the obligations of the data controller and will usually form the basis of any complaint that a data controller has not complied with its statutory duties.

In addition to these principles, GDPR confers rights on data subjects (in HR terms, these are your employees).

What are the principles?

Lawfulness, fairness and transparency. Personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject (Article 5(1)(a)). Purpose limitation. Personal data must...

Member's content

On this page

GDPR sets out the principles which data controllers (the Company) and data processors (whoever processes HR data - this could include processing in-house and/or externally e.g. an external payroll company) must comply with when processing personal data (Article 5). These principles form the core of the obligations of the data controller and will usually form the basis of any complaint that a data controller has not complied with its statutory duties.

Sign up to continue reading this content and gain access to our Regular Member content