In the context of the GDPR, as per 25 May 2018, Digidentity must follow rules with regard to:
* Transparency: through its Privacy Policy, Digidentity has informed its customers that it is processing their personal data and for what purpose. Customers consent to this, or not (see below).
* Purpose limitation: In its Privacy policy, Digidentity has set down for which purposes it is collecting and processing personal details. It has stated that it will not use the personal details for other purposes.
* Constraint on data collection: In its Privacy policy, Digidentity has set down that it will only collect the data necessary for those purposes.
* Correctness: In its Privacy policy, Digidentity has set down that the personal data must (continue to) be correct. Users of the Digidentity Identity Service are requested to inform Digidentity of any changes through their user accounts.
* Constraints on storage: In its Privacy policy, Digidentity has set down that it will not store personal data for longer than is necessary to provide its services or comply with applicable laws and regulation.
* Integrity and confidentiality: In its Privacy policy, Digidentity has set down that it is protecting the personal data from unauthorised access, loss or destruction.
* Liability: In its Privacy policy, Digidentity has set down that it is liable to comply with these rules.