The GDPR protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data (GDPR Art 1.2).
Data protection by design is a legal requirement of the GDPR (Art 25). "...The controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures, ..., which are designed to implement data-protection principles, ..., in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of the GDPR and protect the rights of data subjects."
"Data protection by design" (DPbD) should not be confused with "privacy by design" (PbD). Privacy by design is a context brought by former Information and Privacy Commissioner for the Canadian province of Ontario. Ann Cavoukian.
Data protection and privacy are closely related rights, but under EU law, they are two separate fundamental rights from the EU Charter of Fundamental Rights . Privacy by design is not a GDPR requirement. PbD will mainly assist at policy level.
Data protection by design may be daunting and that is why Bizoneo Professional Services assist organisations handle their data protection by design compliance requirements.
You are commissioning a website, our team can: