Data minimisation
Data minimisation means collecting and processing only data that is relevant, necessary and adequate for the purpose - collect only what you really need. It is implemented through two concepts: necessity and proportionality. A 'save-everything' approach is disproportionate and breaches the principle. A useful starting point is asking whether anonymous or anonymised data could achieve the purpose instead of personal data.
The EDPS puts it simply: collect only the personal data you really need. Apply two tests - necessity (is each field actually required?) and proportionality (is the amount and intrusiveness appropriate?). A 'save-everything' approach is disproportionate.
- Could the purpose be met with anonymous (fake) data? If so, use that.
- If not, could anonymised data (stripped of all identifiers) work?
- If only personal data works, collect only necessary fields (e.g. age range instead of full date of birth).
- Check proportionality: prefer less-intrusive means; avoid excessive volume.
The AEPD found fingerprint, keystroke and facial-recognition systems disproportionate where less-intrusive means could achieve the same purpose (e.g. validating a student's identity in an online exam).
Data minimisation is about how much you collect (relevance/necessity/proportionality). Storage limitation is about how long you keep it. Same instinct ('don't hoard'), different axis.