Data Minimization

Data minimization is not just a legal requirement — it's a security and business strategy. The less personal data you hold, the lower your risk in a breach, the simpler your compliance, and the less costly your data management. Organizations that collect everything "just in case" expose themselves to greater fines, larger breach impacts, and more complex data subject requests.

Data minimization asks three questions about every data collection:

1. Is this data adequate? — Do you have enough data to achieve your purpose? (Too little is also a problem)
2. Is it relevant? — Does this data actually relate to the stated purpose?
3. Is it limited to what's necessary? — Could you achieve the same purpose with less data?

Scenario	Minimized	Not minimized
Newsletter signup	Email address only	Email + name + phone + date of birth + address
Job application	CV, cover letter, references	Social media passwords, family status, religion
E-commerce order	Name, address, payment info	Full date of birth, gender, income bracket
Wi-Fi access	Accept terms + email	Full registration with passport scan

• Review data collection forms — remove fields that aren't strictly necessary
• Set retention periods — delete data when the purpose is fulfilled
• Audit existing databases — identify and purge data collected without a clear purpose
• Design new systems with minimization in mind — don't add "nice to have" fields
• Use pseudonymization or anonymization where full identification isn't needed
• Train staff to question what data they actually need to collect

Data minimization works alongside:

• Purpose limitation — you can only use data for the purpose you collected it
• Storage limitation — you can't keep data longer than necessary
• Data protection by design — systems should be built to collect minimal data by default

• GDPR Article 5(1)(c) — data minimization principle
• GDPR Article 25 — data protection by design and by default
• EDPB Guidelines on data protection by design and by default