In the context of the GDPR (General Data Protection Regulation), as per the 25th May 2018, Digidentity must follow rules with regard to the following:
- Transparency: Through its Privacy Statement, Digidentity has informed customers what happens with their details. Customers must consent to this in order to register for an account.
- Purpose limitation: In its Privacy Statement, Digidentity has detailed for which purposes it will collect and process personal details. A customer's personal details will not be used for any other reason than those stated in the statement.
- Constraint on data collection: In its Privacy Statement, Digidentity has stated that it will only collect the data necessary for those purposes.
- Correctness: In its Privacy Statement, Digidentity has stated that personal details must (continue to) be correct. Users of the Digidentity identity service are requested to inform Digidentity of any changes through their user accounts.
- Constraints on storage: In its Privacy Statement, Digidentity has stated that it will not store personal details for longer than is necessary to provide its services or comply with applicable laws and regulation.
- Integrity and confidentiality: In its Privacy Statement, Digidentity has stated that it will protect personal details from unauthorised access, loss or destruction.
- Liability: In its Privacy Statement, Digidentity has stated that it is liable to comply with these rules.