Go Marie Kondo on your data

January 24, 2020
English Language

For years, the data of consumers and stakeholders have been collected in every shape and form. However, The General Data Protection Regulation (GDPR) has put data processing and privacy at the forefront, forcing many organizations to rethink their “more data is always better data policy” and develop better habits. Because, it is no longer an option to process vast amounts of data, if you want to obtain GDPR compliance. Instead, you need to have a data minimization policy as it is one of the core tenets of GDPR… so, knowledge may be power, but in the world of privacy, it can be your downfall.

However, almost two years after the GDPR came into force, many still struggle with the data minimization concept. For this reason, we have created a small data minimization technique with a Marie Kondo-twist to make it simpler and more top of mind. But what do Marie Kondo and GDPR have in common? More than you probably think, because, like the principles of the method, KonMari, the path to data protection compliance begins with inventory and minimization.

Commit yourself: Decluttering your data will take time and not finishing will not ensure you GDPR compliance. At the same time, you need to commit to doing it regularly as data will continue to flow into your organization. Therefore, doing it once won't be enough. This is an ongoing task.

Imagine your ideal GDPR life: Knowing your end goal in the cleaning process is essential - because without a map, you will not know how to get to your destination, and you might end up making everything messier. Therefore, it is important to make a strategic plan, and imagine how your data protection compliance will look like - and how you continuously ensure it.

Finish discarding first: Decluttering without getting rid of any data just means that you are moving stuff around. Remember to remove old and bad data before you get too far along in the process.

Tidy by category, not location: It can be overwhelming to clean up your data. Tidying by category – e.g. financial data - gives you a streamlined way to approach the different data areas in your organization and gives you a better overview of how much data your organization has.

Follow the right order: Even though it can be difficult to distinguish between the different categories of data, it is important to stay on track and not mix them together. Meaning, you should not be distracted and start cleaning a new category before you finished the first one.

Does it spark joy?: Do you really need it? It may seem like a weird question to ask yourself when you are looking at data. But we do tend to keep more than we need – just in case! But that is a big NO-NO in the GDPR. You always need to meet one of the GDPR’s conditions for the legal processing of personal data. Have this in mind when you go through all your data. It can be difficult to let go, but you need to, if you want to ensure GDPR compliance.

A pile of papers with Data_Declutter your data_RISMA Systems

We point out that our blog posts are neither comprehensive nor an absolute exposition of the compliance processes. RISMA Systems makes no guarantee that the information is accurate, up-to-date or complete, and the blog post must by no means be seen as legal advice. You are responsible for verifying that the information is in accordance with applicable law, if you are considering using it. All information is used at your own risk. RISMA Systems cannot guarantee full compliance with applicable laws and regulations, if you choose to follow the information in this blog post.


Stay up to date with knowledge and best practices on compliance, risk management, and governance. Receive guides, articles, case stories, invitations to events, offers, and much more.