Under UK GDPR, personal data must be processed (e.g., collected, organised, altered, stored, used, shared, disposed of) in accordance with the data protection principles. The six principles are summarised below.
Personal data must be:
In addition, the University must demonstrate accountability for its compliance with these principles.