The GDPR requires you to put in place appropriate technical and organisational measures to implement the data protection principles and safeguard individual rights. This is ‘data protection by design and by default’. If you are looking for a well-written guideline in English on this topic, we find that (UK’s independent authority for data privacy) does a great job in this summary.


Click here to read more