Answer
Personal data should only be processed where it isn’t reasonably feasible to carry out the processing in another manner. Where possible, it is preferable to use anonymous data. Where personal data is needed, it should be adequate, relevant, and limited to what is necessary for the purpose (‘data minimisation’). It’s your company/organisation's responsibility as controller to assess how much data is needed and ensure that irrelevant data isn’t collected.