The proportionality test (page 7 - Processing activities or DPIA) within a data protection impact assessment (DPIA) is an essential component because it ensures that the processing of personal data complies with the basic principles of the General Data Protection Regulation (GDPR), in particular the principles of necessity, proportionality and minimization.
You are welcome to use the following structure as a basis for your explanations:
1) Intended purpose
Examination of legitimacy: Is the purpose of the processing lawful and comprehensible?
Proportionality to the purpose: Is the scope of the data processing appropriate in relation to the intended purpose?
Your details follow
2)Suitability of the measures:
Are the technologies and methods used suitable to achieve the intended purpose?
Is there a clear purpose limitation and transparent processing?
Your details follow
3) Necessity
Is only the most necessary data collected that is required for the purpose (data minimization)?
Are there alternatives to achieve the same purpose?
Your details follow
4) Appropriateness and balancing
Finally, the appropriateness of the means is assessed with regard to the purpose and the severity of the interference
Your information follows