I have a charity that has 20000 emails on a database but they have no record of consent, they would like to sent a email asking if they can contact the people on their database is this ok in relation to GDPR?
Unless the 20000 emails belong to the members of the charity you would need to reach out to get consent from the data subject before engaging them is email and SMS marketing activities. If you don`t have the means to prove that consent was given is a if it does not exist.
Makes sure that the consent fulfills the requirements of the EU GDPR namely to be freely given, specific, informed and unambiguous indication of the individual’s wishes. You must keep records so it can demonstrate that consent has been given by the relevant individual.