Guest user Created: Aug 10, 2021 Last commented: Aug 19, 2021

Complying with GDPR

I have a question regarding GDPR. We would like to share specific information with registered members that belong to research/education institutions. When the user registers he would give information about institution where he works. Can we comply with GDPR if we wanted to check whether this person works at the institution as he stated (via this possibility would be explaied in privacy policy before registration).

0 0

Assign topic to the user

Select user

Expert

Alessandra Nisticò Aug 19, 2021

Yes, this purpose shall fall under the legitimate interest (Art. 6 par. 1 let. f GDPR) as an anti-fraud purpose. You need to explain it in the privacy notice but you do not need the consent of the data subject.

Here you can find more information about the legal basis for data processing:

Is consent needed? Six legal bases to process data according to GDPR: https://advisera.com/eugdpracademy/knowledgebase/is-consent-needed-six-legal-bases-to-process-data-according-to-gdpr/
Four main questions for obtaining and managing data subjects’ consent under GDPR: https://advisera.com/eugdpracademy/knowledgebase/four-main-questions-for-obtaining-and-managing-data-subjects-consent-under-gdpr/

If you need to understand how to implement EU GDPR in your project you may consider enrolling in our free EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course/

Quote

0 1

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Aug 10, 2021

Aug 19, 2021

Expert Advice Community