Principle 1 — Purpose and manner
of collection.
This provides for the lawful and fair collection of personal data and sets out the information a data user must give to a data subject when collecting personal data from that subject.
Principle 2 — Accuracy and duration
of retention. This provides that personal data should be accurate, up-to-date and kept no longer than necessary.
Principle 3 — Use of personal
data.
This provides that unless the data subject gives consent otherwise personal data should be used for the purposes for which they were collected or a directly related purpose.
Principle 4 — Security of personal
data.
This requires appropriate security measures to be applied to personal data (including data in a form in which access to or processing of the data is not practicable).
Principle 5 — Information to
be generally available.
This provides for openness by data users about the kinds of personal data they hold and the main purposes for which personal data are used.
Principle 6 — Access to personal
data. This provides for data subjects to have rights of access to and correction of their personal data.
