Data Minimisation

Data minimisation is a fundamental GDPR principle requiring you to collect and process only personal data that is adequate, relevant and limited to what is necessary. The principle prevents organisations from collecting data 'just in case'.

Back to Dictionary

What is data minimisation?

Data minimisation is one of the seven fundamental principles in GDPR Article 5(1)(c). The principle states that personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.

In practice, this means that as a data controller you must not collect more data than you need. You must be able to justify each data point with a specific purpose. "We might use it later" is not a valid argument.

Data minimisation is closely linked to purpose limitation. First you define the purpose, and then you assess which data is necessary to fulfil it.

The three requirements for data minimisation

The GDPR imposes three simultaneous requirements on the personal data you process:

Adequate: You must collect enough data to fulfil the purpose. If you collect too little, you cannot deliver the service or fulfil the obligation that forms the basis for the processing.
Relevant: Each type of data must have a direct connection to the purpose. You must not collect irrelevant data.
Limited to what is necessary: Even relevant data must be limited to the minimum that is necessary. If you can achieve the purpose with less data, you must do so.

The requirement applies not only at the point of collection. You must also continuously assess whether you still need the data you hold. Data that is no longer necessary must be deleted or anonymised.

Data minimisation in practice

Data minimisation begins at the design stage. When developing forms, systems or processes that collect personal data, you should ask for each field: 'Is this strictly necessary for the purpose?'

Specific measures you can implement:

Review all contact forms and remove fields that are not necessary
Introduce automated deletion routines that remove data after the defined retention period
Use pseudonymisation or anonymisation when full identification is not necessary
Limit access via access control so that staff only see the data they need
Document for each processing activity in your record why the collected data is necessary

Privacy by design makes data minimisation an integrated part of system development. It is easier to design correctly from the start than to remove unnecessary data collection afterwards.

Relationship with other GDPR principles

Data minimisation does not stand alone. It is connected to several other GDPR principles:

Purpose limitation: You can only assess what is 'necessary' when you have defined a clear purpose.
Storage limitation: Data must be deleted when the purpose has been fulfilled. This is the temporal dimension of data minimisation.
Accuracy: Less data means fewer risks of inaccurate information.

Data minimisation also reduces the risk in the event of a data breach. The less data you hold, the less damage a breach can cause to data subjects.

A DPIA can help you identify where you are collecting more data than necessary. Your DPO should regularly review your data minimisation practices.

Frequently Asked Questions about Data Minimisation

What does data minimisation mean under the GDPR?

Data minimisation means that you may only collect and process personal data that is adequate, relevant and limited to what is necessary for the specific purpose. You must not collect data 'just in case' or for future, undefined use.

How do you implement data minimisation in practice?

Start by reviewing all forms, systems and processes that collect personal data. For each data point, you must be able to justify why it is necessary for the specific purpose. Remove fields that are not strictly necessary and introduce deletion routines for data you no longer need.

What is the relationship between data minimisation and anonymisation?

Anonymisation can be a tool for data minimisation. If you can fulfil your purpose with anonymised data, you should choose that solution, as anonymised data is not personal data and is therefore not subject to the GDPR.

Can you be fined for inadequate data minimisation?

Yes. Data minimisation is one of the fundamental principles in GDPR Article 5. Breach of the principles can lead to fines of up to EUR 20 million or 4% of global annual turnover.