If someone has subscribed to receive communications from us (for example, we have an E-alert service on our website), do these people need to opt back in to GDPR? We have gotten emails from a few companies asking us to re-subscribe to continue receiving information, but I wasn’t sure if this was considered mandatory under the GDPR, as technically, the individuals had already subscribe of their own accord, pre-GDPR. Hope that makes sense, and thanks in advance for your help.
Where consent has been given under the Data Protection Directive, it will continue to be valid under the EU GDPR if it also meets the requirements of the Regulation.
This may be difficult given the new and stringent requirements for consent. In theory, you should therefore consider approaching your existing customers to obtain a fresh consent that is valid under the EU GDPR. Be aware that opt-out consents are not valid under the EU GDPR.
Basically you need to benchmark the consents you already have against the requirements of the EU GDPR and if the consents meet those requirements you need to do nothing if they don`t you need to reach out to the individuals to get new compliant consents.