GDPR-25-01
Requirement
25 — Data protection by design and by default
Implement data protection by design measures
Description
Controllers must implement appropriate technical and organisational measures (such as pseudonymisation) at the time of determining processing means and during processing itself to implement data...
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
GDPR-25-02
Requirement
Implement data protection by default measures for data necessity
GDPR-25-03
Data Governance
Apply default protection to data collection amount
GDPR-25-04
Data Governance
Apply default protection to processing extent
GDPR-25-05
Data Governance
Apply default protection to storage period
GDPR-25-06
Data Governance
Apply default protection to data accessibility
GDPR-25-07
Requirement
Ensure default non-accessibility without individual intervention
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started