GDPR – Is consent always required?

  • Home
  • GDPR – Is consent always required?
  • 07
    Sep 17

GDPR – Is consent always required?

Tags : 

agree-1728448_1280-634x360[1]

Processing data under GDPR

I had a brief chat with an associate yesterday about the forthcoming General Data Protection Regulation (GDPR) and the impact it will have on HR. Then I had a long Google session seeing if the same views were being given by others. I came away feeling concerned! Why? It seems that many people are getting really hung up on GDPR and that data subject consent is an absolute must for anything to do with personal data in the future – and if you don’t get that consent or if the consent is withdrawn then many current business practices will be impossible. So for instance:

  1. An employee may be having disciplinary action taken and tells you that they are withdrawing consent for you to hold their disciplinary data – so you can’t take and store notes etc.
  2. Explicit consent must be obtained from all employees for all data collected, processed and shared about them and a contract of employment can’t be relied upon to give consent.

If not consent, what?

Consent is not the only basis upon which personal data may be lawfully processed and The Information Commissioner, herself blogged about this in August to try to bust some myths. Under GDPR there are six provisions given in Article 6 for the lawful processing of personal data:

 6(1)(a) – Consent of the data subject

 6(1)(b) – Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract

 6(1)(c) – Processing is necessary for compliance with a legal obligation

 6(1)(d) – Processing is necessary to protect the vital interests of a data subject or another person

 6(1)(e) – Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller

 6(1)(f) – Necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject

Data Protection Impact Assessments

What organisations have to do under GDPR is to determine which lawful basis is being used to process personal data and then clearly document that decision and the reasons which have led to making it. A data protection impact assessment will help with both the decision making and the documenting of it.

In the two, simplified examples given above, it is much more likely that legitimate interests is the basis for processing personal data about a disciplinary action, Article 6(1)(f), and dependant upon the personal data collected about employees and the type of employer any of the other provisions may be more applicable than consent for processing employees’ personal data.

So consent is not a prerequisite for collection of personal data and so fears that current business practices will be impossible are generally unfounded.

When an organisation has determined that consent, Article 6(1)(A), is the lawful basis for processing personal data then the ICO has a guidance document.

The special categories of personal data (racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation) are not covered by Article 6 and may only be processed as defined in Article 9 of the GDPR.

GDPR Preparedness Toolkit Seminar

This 2 hour seminar will help you, as you take your first steps towards compliance by sharing practical insights about implementing a data security based approach in line with the Regulation. You will learn about:

  • Why you have to comply with the GDPR and what might happen if you don’t.
  • The GDPR’s direct effect on your business and the transition timelines.
  • The steps to take in preparing for compliance.
  • The technical and organisational measures your business will need to adopt to comply with the Regulation.
  • A key assessment toolkit you can use to help you to achieve compliance.

The seminar will be held at The Birch Hotel, Heywood with easy access to the M60, M62 and M66 on:

  • Wednesday, 27th September 2017, 14:00 to 16:15SOLD OUT
  • Wednesday, 25th October 2017, 14:00 to 16:15
  • Wednesday, 29th November 2017, 14:00 to 16:15

Standard tickets are £25.00

Early Bird Discount tickets are £15.00 (available only if you book within 14 days of the seminar)

Contact us on 0345 319 4887 to book or book online with Eventbrite.

News Archive

More Information (PDF)

Smarter Technologies Ltd, Unit 1 Broadfield Industrial Estate, Seymour Street, Heywood, OL10 3AJ | Company No.: 07172781 | VAT No.: 794 7491 68

 Request a Quote

What our clients say:
Andrew JennerAndrew JennerRCD Leaflets
Please pass my thanks on to the team as the whole process from quote to install was unbelievably thorough, efficient and smooth.
Nikki PriceNikki PriceInstil Bio (UK) Limited
Thank you very much for your help on a Saturday! I can’t tell you how very grateful we are to you for helping us out with this last minute request and doing it so promptly.
Andrew BeeputAndrew BeeputThe Bond Board
Smarter Technologies really understand the pressure charities are under and consider this when making recommendations. They saved us so much money – I can’t put a price on their help. It was invaluable.
Lynne SprigingsLynne SprigingsBolton Young Persons Housing Scheme
As a small charity it’s really important for us to have reliable and responsive IT support, which Smarter Technologies supplies.
Jim GowmanJim GowmanYMCA Black Country Group
Just to say to the Smarter Technologies team, thanks for a very smooth transition into the 21st Century of IT with our upgraded equipment. All aspects of the installation have received positive feedback from day one.
Richard BoydRichard BoydRed Flame Marketing
I found the IT support for my small business to be excellent. Everything is clearly explained in non-technical language; prompt service and very affordable. Will be recommending Smarter Technologies to other businesses. (In fact, I already have!).
Jane HaywardJane HaywardYMCA Black Country Group
The service I have received has been excellent, from the initial meeting where the process was explained to managers, right down to coming out to go through SharePoint with me.
Bill LeesBill LeesThe Housing Link (2003)
Smarter Technologies make so many complicated things sound clear and understandable in a way that I completely understand.
Tracey PeaceTracey PeaceRamsbottom Kitchen Company
The Smarter Technologies team are like extended members of our staff and always go the extra mile. The team come in early and stay until they finish – they even lock up for us.
David Lackner-SmithDavid Lackner-SmithThe Sanctuary Trust
It’s great being able to rely on such prompt service from Smarter Technologies, it really gives us peace of mind knowing that our IT support is provided by a team that will go the extra mile.
Graham EvansGraham EvansThe Housing Link (2003)
We have a tight budget and Smarter Technologies has enabled us to ‘work smarter’ and provide fast assistance to those who need it. It has played an integral role in the success of this charity.
Jim GowmanJim GowmanYMCA Black Country Group
I want to pass on the thanks received today from across all parts of the YMCABC teams about how robust the IT systems have been. We have had to get to grips with remote working and with this pandemic it has come into its own.
Dave BagleyDave BagleyUrban Outreach (Bolton)
Thanks again for the swift response from Smarter Technologies to our IT needs recently. All is working perfectly.
Maura JacksonMaura JacksonBackup North West
Smarter Technologies have looked after our IT for well over 10 years. They are fabulous, knowledgeable, hard working, thorough, reliable, good value for money and proactive.
Sharon HamerSharon HamerThe Housing Link (2003)
Thank you for all your advice, help and support. I would not hesitate to recommend Smarter Technologies.
prevnext

© 2011-2024 Smarter Technologies Ltd  |  Privacy Statement

%d bloggers like this: