Act
Data Protection And Privacy Act
2019
14. Minimality.
(1) A data controller or data processer shall only process the
necessary or relevant personal data.
(2) For the avoidance of doubt a data controller or data processer
shall not process personal data which is in excess of the data which is
authorised by law or required for a specific purpose.
15. Quality of information.
(1) A data collector or data processor or data controller shall
ensure that the data is complete , accurate, up-to-date and not
misleading having regard to the purpose for its collection or
process mg .
(2) A data subject shall ensure that the personal data given to the
data collector or data processor or data controller is complete,
accurate, up to date and not misleading.
16. Correction of personal data.
(1) A data subject may request a data controller to-
(a) correct or delete personal data about the data subject held
by or under the control of the data controller that is
inaccurate, inelevant, excessive, out of date, incomplete,
misleading or obtained unlawfully; or
(b) destroy or delete a record of personal data about the data
subject held by the data controller which the controller no
longer has the authority to retain.
(2) On receipt of the request, a data controller shall comply with
the request.
(3) Where the data controller is not able to comply with the
request under subsection (1), the data controller shall inform the data
subject of the rejection, and the reasons for the rejection in writing.