Article 5 GDPR Principles relating to processing of personal data

Article 5 sets out the core principles that must be followed when processing personal data. These principles form the foundation of data protection law and guide how organisations must handle personal information responsibly.

The six key principles are: lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; and integrity and confidentiality (security). Together, these principles ensure that data is collected for clear reasons, kept accurate and secure, and not stored longer than necessary.

Article 5 also introduces the principle of accountability, meaning organisations must not only follow these rules but also be able to demonstrate compliance. This encourages responsible data management and strengthens protection for individuals.

Article 5 – Principles of Personal Data Processing Quick Revision
Principle	Summary	Notes / Examples
Lawfulness, fairness, and transparency	Data must be processed legally, fairly, and in a transparent manner.	Informing users how their data is used; complying with GDPR legal bases.
Purpose limitation	Data must be collected for specified, explicit, and legitimate purposes only.	Using customer emails only for delivery updates, not marketing without consent.
Data minimisation	Only collect personal data that is adequate, relevant, and limited to what is necessary.	Don’t ask for unnecessary info like marital status for newsletter sign-up.
Accuracy	Ensure personal data is accurate and up-to-date; correct inaccuracies without delay.	Allow users to update contact info; correct errors in databases.
Storage limitation	Keep personal data only as long as necessary for the purposes it was collected.	Delete old employee records after statutory retention period.
Integrity and confidentiality (security)	Data must be processed securely to prevent loss, unauthorized access, or damage.	Use encryption, access controls, and secure storage systems.
Accountability	Controllers are responsible for compliance and must demonstrate it.	Maintain records of processing activities, audits, and policies.

Article 1 – Article 2, Article 3, Article 4, Article 5, Article 6, Article 7 , Article 8

Standards

Keep up to date with all the latest standards.

BS6527:1998 – methods of measurement of radio interference characteristics of information technology equipment – Withdrawn

BS EN55022:2010 – Information technology equipment. Radio disturbance characteristics. Limits and methods of measurement – Withdrawn

BS EN55032:2015+A11:2020 – Electromagnetic compatibility of multimedia equipment. Emission requirements – Withdrawn

BS EN55032:2015+A1:2020 – Electromagnetic compatibility of multimedia equipment. Emission requirements – Current/Under Review

BS EN 55035:2017+A11:2020 – Electromagnetic compatibility of multimedia equipment. Immunity requirements – Current/Under Review

BS EN55024:2010 +A1:2015 – Information technology equipment. Immunity characteristics. Limits and methods of measurement – Withdrawn

BS EN IEC61000-6-2:2019 ; Electromagnetic compatibility (EMC) – Generic standards. Immunity standard for industrial environments – Current Under Review

BS EN BS EN 61000-6-3:2021 TC – Electromagnetic compatibility (EMC) – Generic standards. Emission standard for equipment in residential environments – Current/Under Review

IEC61000-4-2:2025 – Electromagnetic compatibility (EMC) – Testing and measurement techniques. Electrostatic discharge immunity test – Current

BS EN IEC61000-4-2:2025 – Electromagnetic compatibility (EMC) – Testing and measurement techniques. Electrostatic discharge immunity test – Current

Press Here for More