How can we protect the customer from sharing more personal data than absolutely necessary?

How can we protect the customer from sharing more personal data than absolutely necessary?

When requesting personal data on a web-page, a practical way to limit collection is to use drop-down choices and click-boxes rather than to request free-text answers. This protects the customer from sharing too much personal data.

Any form of minimisation on data collection and duplication is referred to in the GDPR as data minimisation (Article 5.1c).
    • Related Articles

    • About collection / processing of sensitive data

      It is forbidden to ask or save sensitive data unless a data protection impact assessment (DPIA) has been done and shown that it is absolutely necessary, and there are no alternatives. Sensitive data includes: health data, religious and/or political ...
    • There is a vital interest for the collection and processing

      Making GDPR compliance easy with Privasee · There is a vital interest for collection and processing Article 6d, vital interest. Processing is necessary in order to protect the vital interests of the data subject or of another natural person. This is ...
    • So your organisation has a legitimate interest to process personal data under Article 6f?

      Making GDPR compliance easy with Privasee · Article 6f, your organisation has a legitimate interest Article 6f, legitimate interest. Processing is necessary for the purposes of the legitimate interest pursued by the controller or by a third party, ...
    • What is a personal data breach?

      Making GDPR compliance easy with Privasee · Personal Data Breach Definition A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data ...
    • What is pseudonymised data?

      Pseudonymised data is reversible. Normally what entails is that a name could be replaced with a unique ID, and maybe there's a table somewhere to enable the processor to be able to reverse back again. Now pseudonymised data is still personal data ...