According to GDPR, what should data be in relation to its purpose?

The principle that data should be adequate, relevant, and limited in relation to its purpose is fundamental to the General Data Protection Regulation (GDPR). This principle ensures that organizations only collect and process personal data that is necessary for the specific purpose for which it is being gathered.

The "adequate" aspect implies that the data collected must be sufficient to fulfill the intended purpose without being excessive. "Relevant" means that the data should be pertinent to the objectives set by the data controller. Finally, "limited" reinforces the idea that personal data should not exceed what is necessary. This principle promotes data minimization, which is a key tenet of GDPR aimed at protecting individuals' privacy and reducing the risk of unnecessary data exposure or misuse.

The other options do not align with the GDPR's intent. While thorough documentation is important for data governance, being excessive and comprehensive contradicts the idea of limiting data collection. Public accessibility of personal data is also opposed to the GDPR's focus on protecting individual privacy rights.