<img src="https://certify.alexametrics.com/atrk.gif?account=b2hlr1ah9W20em" style="display:none" height="1" width="1" alt="">

Who needs consent under GDPR?

Everything hangs on consent under GDPR, right? We can't process any personal data without it.

Not true. While the rules on consent are certainly much tougher under GDPR, the Information Commissioner's Office (ICO) has made clear that consent is only needed if you're relying on it as the legal basis to process personal data.

Download our free GDPR presentation template and train your employees on the  new law

Put simply, having consent is one way of making sure you are compliant with GDPR but there are other options which may be more appropriate for your organisation. Let's run through them…

Familiarise yourself with these other conditions to ensure lawful processing of data under GDPR:

processing of data under gdpr

  1. Processing is necessary for the performance of a contract - for example, collecting a customer's name and address in order to process their order
  2. Processing is necessary for legal or judicial reasons - for example, for administering justice or law enforcement, such as using their bank details to process a refund
  3. Processing is necessary to protect the data subject’s vital interests - as in a life or death situation where someone's medical history is made available to treat them in an A&E department after a road accident
  4. Processing is necessary to perform a task carried out in the public interest - for example, exercising statutory, governmental or public functions (collecting taxes, etc)
  5. Processing is necessary for legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject - for example, where a finance company uses a debt collection agency to track down a customer who has moved without telling them of a change of address. There is a legitimate interest to recover the debt.

Leave a comment

Tick

eBook: Essential Uncovered

Skillcast Essentials is our best-selling library and there's a reason for that. Essentials library provides comprehensive coverage of the key compliance / conduct issues that companies in the UK face today.

Download now

How to Manage the Compliance Personas in Your Company

Rory has no time for rules, especially the pointless ones that add a lot of work for no apparent benefit. When he encounters such rules, his first thought is to find a work-around. Andy doesn't mind ...

Read More
FCA Compliance News - November 2018

An overview of the most recent and upcoming changes to FCA guidelines for senior managers...   Regulatory Update The last six weeks have been a very busy time for the UK regulators, with both the ...

Read More
Compliance Essentials News - November 2018

This blog is dedicated to bringing you the news that touches the people dimension of regulatory compliance. It's not only about regulations, policies, procedures and systems. It's also about people, ...

Read More
Getting personal: five ways to engage staff with compliance training

It's an on-going struggle for most companies to engage their staff with compliance training. There's a constant stream of new regulations and tweaks to existing ones. And many of these require ...

Read More