15. Processing of personal information
16. Minimality
17. Collection directly from the data subject
18. Purpose specification and further processing limitation
19. Retention of records
20. Security measures on integrity of personal information
21. Information processed by an data processor of the data controller
22. Security measures regarding information processed by an data processor
23. Notification of security compromises
24. Quality of information
25. Notification to the Commission and to the data subject
26. Access to and challenges of personal information
27. Correction of personal information
28. Data controller to give effect to principles
29. Prohibition on processing of sensitive personal information
PART IV –EXEMPTIONS FROM PROTECTION ON PROCESSING OF PERSONAL
INFORMATION
30. Exemption on data subject’s spiritual, religious or philosophical beliefs
31. Exemption on data subject’s race
32. Exemption on data subject’s trade union membership
33. Exemption on data subject’s political affiliation
34. Exemption on data subject’s health or sexual life
35. Exemption on data subject’s criminal behaviour
36. General exemption on sensitive personal information