GDPR-25-06
Data Governance
25 — Data protection by design and by default
Apply default protection to data accessibility
Description
The data protection by default obligation specifically applies to limiting the accessibility of personal data to what is necessary for the processing purpose.
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
GDPR-25-01
Requirement
Implement data protection by design measures
GDPR-25-02
Requirement
Implement data protection by default measures for data necessity
GDPR-25-03
Data Governance
Apply default protection to data collection amount
GDPR-25-04
Data Governance
Apply default protection to processing extent
GDPR-25-05
Data Governance
Apply default protection to storage period
GDPR-25-07
Requirement
Ensure default non-accessibility without individual intervention
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started