Expert Advice Community

Guest

Consent required

  Quote
Guest
Guest user Created:   Jan 18, 2018 Last commented:   Jan 18, 2018

Consent required

Where a company has an existing mailing list for emails, is consent required? If they're already doing business with the company, is consent required? Is consent required before sending an initial email?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Jan 18, 2018

Answer:

As regards to the existing emailing list, if the legal basis for processing, where consent has been given under the Data Protection Directive, it will continue to be valid under the Regulation if it also meets the requirements of the Regulation. For example, check that when you obtain the consent you were not using pre-ticked boxes and the request for consent was separate from other matters.

If you have emails of partners you can use “contract necessity as a legal basis for processing assuming you have an already existing contractual arrangement".

As for obtaining the consent by contacting the data subject on email, I would advise against that because by sending an email you are already processing personal data and you would need a legal basis for this.

As key take always:
- Review your existing processes to obtain consent to establish if they are valid under the Regulation;
- Consider if you can rely on an alternative basis for processing;
- If you do want to use consent, put in place processes to record and act on a withdrawal of consent.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 18, 2018

Jan 18, 2018

Suggested Topics

Guest user Created:   Jan 19, 2023 EU GDPR
Replies: 1
0 0

GDPR in Sweden

wasima Created:   Jan 15, 2023 EU GDPR
Replies: 1
0 0

Data protection by design

Guest user Created:   Jan 09, 2023 EU GDPR
Replies: 1
0 0

Joint Controllers