sourceData Protection Commissioner
1. Obtain and process information fairly.
2. Keep it only for one or more specified, explicit and lawful purposes.
3. Use and disclose it only in ways compatible with these purposes,
4. Keep it safe and secure.
5. Keep it accurate, complete and up-to-date.
6. Ensure that it is adequate, relevant and not excessive.
7. Retain it for no longer than is necessary for the purpose or purposes.
8. Give a copy of his/her personal data to than individual, on request.
A Privacy Statement is a public declaration of how the organisation applies the data protection principles to data processed on its website. It is a more narrowly focused document and by its public nature should be both concise and clear.