Warning: file_put_contents(/home/customer/www/mmcloughlinsolicitors.com/public_html/wp-content/uploads/smack_uci_uploads/exports/.htaccess): failed to open stream: No such file or directory in /home/customer/www/mmcloughlinsolicitors.com/public_html/wp-content/plugins/wp-ultimate-exporter/wp-ultimate-exporter.php on line 164
GDPR Do I need to obtain fresh consent for General Data Protection Regulation compliance? - M. McLoughlin & Co Solicitors

Consent Assessment

You need to assess how you got the individual’s details and/or consent in the first place.

If the information was in compliance with existing law (data protection law and the ePrivacy Regulations (for direct marketing electronically for example text messages and emails) and meets the criteria for GDPR then YOU DO NOT need to seek fresh consent again.

If you obtained the information in compliance with existing law but it does not meet the higher standards required by GDPR then you may need to take action. Can you demonstrate that valid consent was obtained? Did you rely on implied or presumed consent?

If you are not in compliance with existing law you may have no right to use the information at all and have no right to contact the individual to seek consent now.


GDPR Consent

 

Carry out an assessment:

Review your current system of obtaining information and how you record obtaining consent?

Does it meet the GDPR standards?

Consider what is your lawful basis for using the information?

  • Is it to fulfil a contract?
  • Is the processing required under a statutory obligation?
  • Is it one of the other six grounds?
  • Is consent your only lawful basis? If so, then you need consent.

It is only where you need consent to have a lawful basis that you need to check your existing consents and ascertain if it is compliant or whether you need to take action to obtain compliant consent for GDPR.

Guidance

According to the European Guidance Notes issued:

“Controllers that currently process data on the basis of consent in compliance with national data protection law are not automatically required to completely refresh all existing consent relations with data subjects in preparation for the GDPR.”
 

If you require further guidance please contact us to organise a consultation.

Disclaimer

The material in this article is for general information purposes only and does not constitute legal or taxation advice. Specific legal and taxation advice should be sought before acting. All information and taxation rules are subject to change without notice.

No liability whatsoever is accepted by M. McLoughlin & Co. for any action taken in reliance on the information in this article