Privacy by Design
An approach that embeds privacy protections into the design and architecture of systems and processes from the outset.
Full Definition
Privacy by Design (PbD) is a framework developed by Ann Cavoukian that advocates embedding privacy into the design of IT systems, business practices, and physical infrastructure from the start — rather than adding it as an afterthought. GDPR Article 25 makes Privacy by Design and Privacy by Default legally mandatory for data controllers. The seven foundational principles are: proactive rather than reactive measures, privacy as the default setting, full functionality (positive-sum), end-to-end security, visibility and transparency, respect for user privacy, and privacy embedded into design. In practice, this means privacy engineers participate in product development, privacy impact assessments (PIAs) are conducted early, and data minimisation is applied at the schema level.
Related terms
Data Minimisation
The principle that only personal data that is adequate, relevant, and limited to what is necessary should be collected and processed.
DPIA
Data Protection Impact Assessment — a systematic process to identify and minimise privacy risks in new processing activities.
Data Controller
An entity that determines the purposes and means of processing personal data.