Data Protection and GDPR Level 3 for Managers and Business (VTQ)

64 videos, 2 hours and 55 minutes

Course Content

Lawful Basis

Video 59 of 64
6 min 21 sec
Want to watch this video? Sign up for the course or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.

Understanding GDPR Lawful Basis for Data Processing

Identifying Lawful Basis

Under GDPR: Identifying the lawful basis for processing data is crucial.

Different Basis for Different Activities: Six lawful bases exist, with four commonly applicable to businesses.

1. Consent

  • Real Choice and Control: Consent gives individuals control over their data.
  • Withdrawal: Individuals can withdraw consent at any time.
  • Considerations: Assess whether you'd be willing to delete all their data upon request.

2. Contract

  • Fulfilling Contracts: Used when processing data to fulfill contractual obligations.
  • Limitations: Data can only be used for contract fulfillment.

3. Legal Obligation

  • Compliance: Relied upon to meet legal obligations.
  • Statutory Requirements: Applies to common law or statutory obligations.

4. Legitimate Interest

  • Flexibility: Flexible but must not override individual interests.
  • Balancing Test: Conduct a balancing test before processing.

5. Vital Interests

  • Life Protection: Used when processing data to protect someone's life.

6. Public Task

  • Official Authority: Relates to processing tasks in the public interest as set out in law.

Choosing the Right Basis

Compatibility: Ensure processing activities align with chosen lawful basis.

Multifaceted Approach: Utilize multiple lawful bases if necessary.

Consent in Direct Marketing: Consent is the most suitable basis for direct marketing.

GDPR Compliance Tips

  • Granular Consent: Provide clear options for consent, such as for newsletters or marketing emails.
  • Immediate Compliance: Cease processing data upon withdrawal of consent.
  • Easy Unsubscribe: Provide visible unsubscribe links in emails.
  • Record Unsubscribers: Maintain records to prevent accidental recontacting.
  • Privacy Policy Link: Include a link to the privacy policy in all communications.

Building trust through transparency and providing control over data enhances customer relationships.

``` This HTML document provides detailed information on GDPR lawful basis for data processing, including the six lawful bases, considerations for choosing the right basis, and compliance tips for businesses, especially regarding consent and direct marketing. It emphasizes the importance of transparency, immediate compliance with withdrawal requests, and providing easy unsubscribe options to build trust with customers.