Privacy Glossary

Data Minimisation

The principle that only personal data that is adequate, relevant, and limited to what is necessary should be collected and processed.

GDPRDPDP ActCCPAPIPEDA

Full Definition

Data Minimisation is a core data protection principle requiring organisations to collect and process only the personal data that is strictly necessary for the specified, explicit, and legitimate purpose. It involves limiting collection (not gathering data 'just in case'), restricting access (only those who need the data should have it), and applying retention limits (deleting data once the purpose is fulfilled). Practically, this means designing forms to ask only for essential fields, avoiding unnecessary data replication, and conducting regular data audits to identify and delete stale personal data.

Back to all terms

Related terms

Right to Erasure

An individual's right to have their personal data deleted ('right to be forgotten') in certain circumstances.

Anonymisation

The irreversible process of altering data so that individuals can no longer be identified, directly or indirectly.

Relevant regulations

GDPR

DPDP Act

CCPA

PIPEDA

Browse more terms

Explore all 25 privacy and compliance terms in our glossary.

View full glossary

Automate your privacy program

TruePrivacy handles DSRs, consent management, data mapping, and breach response — all in one platform.

Start Free Trial Book a Demo