what are the 8 key principles of the data protection act?
data should be processed fairly and lawfully.
pd can only be obtained for clearly stated purposes.
the amount of data collected and stored should not be more than required.
pd should only be used for the purpose for which it was collected.
pd should only be processed within the rights of the data subject.
pd should be protected from theft or unlawful access.
pd cannot be transferred to anywhere outside of the EU unless the country has the same level of legal protection as set by the DPA.