The GDPR sets out seven key principles. These principles should lie at the heart of your approach to processing personal data.