Lawful Grounds for using personal information under GDPR

legal services to people
in business

Email: info@mmcloughlinsolicitors.com
Phone: +353 71 9134513
Mobile: +353 87 6674534

Lawful Grounds for using personal information under GDPR

There are 6 lawful grounds under which a business can process the personal information of a living individual for data protection purposes following the General Data Protection Regulation (GDPR).

Six lawful grounds to legally process personal information

The 6 lawful grounds to process an individuals personal information for data protection purposes following the commencement of the are:

 

1.    We need to do so to perform our contract with the individual or to take steps prior to entering into a contract with an individual in response to a request from an individual.

For example to use an address to make a delivery and to use an email address to reply to a request to provide a quote to an individual or respond to an unsolicited request. We use our employees' bank details to make a payment of salary to them.

 

2. We need to do so to comply with a legal obligation.

For example we need to obtain the PPS number of employees to comply with tax laws. We may need to obtain the VAT number from customers. Depending on our business we may be subject to regulatory rules. For example solicitors have to obtain identification documentation for their clients.

 

3. We need to use the information to protect the vital interests of an individual or another person.

For example in an emergency medical situation we may need to access details of an individual.

 

 

4. We need to do so to exercise official authority or a public interest task – for public authorities to comply with their statutory obligations so this ground will most likely not apply to most businesses.

 

5. We need to do so for our legitimate interests or the interests of a third party.

In order to rely on this ground we must have:

(a) A legitimate interest;

(b) The processing is necessary for the legitimate interest; and

(c) After having carried out a balancing test, the legitimate interests of the business or a third party override the rights of the individual.

 

This assessment should be carried out and documented before a business relied on the legitimate interest ground.

For example a legitimate interest  may include the use of CCTV at a place of work for security purposes.

 

6. We have obtained the consent from the individual to use their information for one or more specific purposes.  For more information on consent please check out the Consent article.

 

For further information please contact us.
 

Disclaimer

The material in this article is for general information purposes only and does not constitute legal or taxation advice. Specific legal and taxation advice should be sought before acting. All information and taxation rules are subject to change without notice.

No liability whatsoever is accepted by M. McLoughlin & Co. for any action taken in reliance on the information in this article

Twitter

 


Book an appointment Downloads Subscribe Contact Us

Make Appointments

Subscribe to our newsletters

By signing up to the newsletter I consent to the use of my data to receive information relating to services, events, articles and information about the firm.