Authors: Siphambili, Nokuthaba; Ngobeni, Sipho J; Shadung, Lesiba D; Netshiya, Rofhiwa
Dates: 2026-03-12; 2026-03-12; 2026-12
ISSN: 1868-4238; 1868-422X
DOI: https://doi.org/10.1007/978-3-032-13075-4_9
Handle: http://hdl.handle.net/10204/14755

Abstract: The General Data Protection Regulation (GDPR), a European data protection law enacted in 2016, focuses on the protection of the data of individuals in the European Union (EU). Incorporating privacy by design (PbD) principles into compliance assessment systems ensures that privacy is prioritized in the design and architecture of systems. This paper followed a systematic literature review that discussed privacy by design principles. It then formulates seven privacy by design principles based on literature analysis. We then highlight a GDPR compliance assessment toolkit (GCAT) and compare the seven PbD principles to the GCAT to show that the GCAT was designed to incorporate privacy by default and privacy by design principles. The observations indicate how privacy by design principles are embedded into the development of the system to enhance trust among users.

Language: en
Keywords: Privacy by design; General Data Protection Regulation; GDPR; Compliance Assessment; Privacy as the default setting
Title: Privacy by design for GDPR compliance assessment
Type: Article