Datenminimierung (EN)

Concept

GDPR principle requiring collection and processing of only necessary personal data

Data Minimization

Data minimization is a core principle of the General Data Protection Regulation (GDPR) stating that only personal data necessary for the processing purpose may be collected and processed. This principle requires data controllers not to store unnecessary data and to collect as little information as possible. Data minimization serves to protect privacy and reduces the risk of data breaches, as less sensitive data can potentially be compromised. It is an essential element of privacy-compliant application architecture and development.

Architecture

flowchart TD     A[Data Source] --> B{Data Filtering}     B --> C[Necessary Data]     B --> D[Disposed Data]     C --> E[Processing]     E --> F[Storage]     F --> G[Usage]

In Context

Typically used together with data economy, pseudonymization, and anonymization
Related to: Purpose limitation, data security, Privacy by Design
Example implementation: An e-commerce shop collects only name, shipping address, and payment data for order processing, but no health information

Quelle: AI Generated