Lesson 1 of 0
In Progress


Warning: Attempt to read property "post_author" on null in /home2/palanfou/evarsity.my/wp-content/themes/buddyboss-theme/learndash/ld30/lesson.php on line 190
UoC August 5, 2020
General Principle
  • A data user shall not process personal data of a data subject unless the data subject has consented to the processing of his/her personal data.
  • explicit consent required for sensitive personal data (see s.40).
  • processing must be related to the activity of the data user and for the purpose of the data user’s collection.
  • General Principle
      Written notice must be given to data subjects which contain information on:
    • what is being collected;
    • why is being collected;
    • who it may be disclosed to;
    • where it is collected from; ;
    • how the data user intends to limit processing;
    • whether it is obligatory or optional to disclose the personal data and the effect of non-disclosure.
    Disclosure Principle
    sec.8 No disclosure to be made to third parties without consent and only within the scope of purpose.
    Security Principle
  • Data users must, when processing personal data, take practical steps to protect the personal data from any loss, misuse, modification, unauthorized or accidental access or disclosure, alteration or destruction.
  • Data users are responsible for the standards to be upheld by data processors.
  • Retention Principle
  • The personal data processed for any purpose shall not be kept longer than is necessary for the fulfilment of that purpose
  • Data no longer needed must be destroyed
  • Data Integrity Principle
  • A data user shall take reasonable steps to ensure that the personal data is accurate, complete, not misleading and kept up-to- date.
  • Access Principle
    sec.12 A data subject shall be given access to his personal data held by a data user and be able to correct that personal data where the personal data is inaccurate, incomplete, misleading or not up-to-date.