Privacy by design

Principles for data protection by design and default

The IAPP defines 7 principles of data protection by design and default, based on the Fair Information Principles, which we have implemented in the following way:

1. Proactive, not reactive; preventative, not remedial
- Identify threats, risks and events that are relevant for the processes, systems and technologies being developed.
- For these threats, risks and events, identify possible preventative controls and actions.
- Define which actions and controls need to be implemented.

2. Privacy as the default setting
- The purpose of the collection and processing of data should be communicated to the data subject before it takes place.
- Collection of data should be limited to what is necessary.
- When possible, identifiability should be minimized when processing data.
- Use, retention and disclosure of information should be limited to the relevant purposes for which the subject has consented, or where there is a legal requirement.

3. Privacy embedded into design
- Implement a systematic approach to embedding privacy in design decisions by relying on established standards such as ISO 27701.
- Carry out risk assessments and privacy assessments during design phases, to ensure measures are embedded into the design.
- Privacy impacts of technology and infrastructure should be minimized.

4. Full functionality (positive-sum, not zero-sum)
- Implementing privacy and security should be done in such a way that full functionality is retained and not impaired.
- Privacy and security are not contradictions and should not be communicated or implemented as if they were.
- All interests and objectives should be documented, and trade-offs should be rejected in favour of solutions that implement full functionality.

5. End-to-end security
- Privacy and security should be implemented end-to-end during the full lifecycle of the data protected.
- Security should ensure the confidentiality, availability and integrity of personal data throughout the lifecycle, including encryption, access control, logging and destruction of the data.

6. Visibility and transparency
- Accountability should be assigned when collecting and processing data, including when transferring data to a third party.
- Information about implemented policies and procedures should be made available to individuals.
- Compliance with policies and procedures should be monitored and evaluated.

7. User-centric privacy
- Users should play an active role in the management of their own data.
- Informed user consent for the collection, use and disclosure of personal data should be ensured, unless regulated by law.
- Personal data should be accurate, complete and up-to-date to fulfill the specified purposes.
- Subjects should be given access to their own personal data and be informed of its use.
- A process should be established that gives users access to relevant information, including complaint procedures.