In accordance with this principle of privacy by design, we default to data protection as a mandatory element of the planned process, document, mechanism or functionality. For us, default data protection is, in practice, primarily the automatic assumption that, among others: we process minimal data (only necessary, to the minimum extent), we process data only of those persons whom we need to (i.e. we limit the categories of data subjects to a minimum), we immediately determine the period of their storage (the shortest needed to avoid data processing indefinitely), we take into account the principle of minimum access to data (necessary knowledge, i.e. the minimum necessary group of people, minimum permissions set as default).

This principle is closely related to the principle of privacy by design, i.e. data protection in the design phase. In its spirit, in practice, we primarily design security measures (technical and organizational), such as encryption, limiting data processing locations, or any other security measures, especially the functionalities of the Webankieta system, which should guarantee privacy by default. In our approach, such mechanisms are to be provided by default, and not only when the user changes their settings to more "private" ones (e.g. masked passwords, no automatic option to remember passwords, forced password changes periodically).