Practice vocabulary for data minimization: collecting only necessary data, anonymization, purpose limitation, and data retention policies in privacy engineering.
0 / 5 completed
1 / 5
'We collect only what we _____ for this purpose.' Which word completes the data minimization principle?
'We collect only what we need for this purpose' is the core data minimization statement — collection must be tied to a specific, justified need.
2 / 5
What does 'purpose limitation' mean in GDPR?
Purpose limitation means data collected for a specified purpose (e.g., order fulfilment) cannot later be repurposed (e.g., marketing) without new consent.
3 / 5
'The feature doesn't need PII.' What does PII stand for?
PII stands for Personally Identifiable Information — any data that can identify a specific individual, such as name, email, or IP address.
4 / 5
Which action best implements data minimization before storing analytics?
Anonymizing data (removing or hashing PII fields) before storage is the direct application of data minimization for analytics workloads.
5 / 5
A data retention policy specifies:
A data retention policy defines the lifecycle of data — how long it is kept for each purpose, and the process for deletion when that period expires.