On 25 May 2018, the General Data Protection Regulation (GDPR) comes into effect in the EU and across the United Kingdom. The GDPR replaces the Data Protection Act and ushers in expanded rights to individuals and their data, and places greater obligations on businesses and other entities that process personal data.
While the GDPR includes a number of important changes regarding cyber-security and data management, one of the most important changes involves strengthening the standards of obtaining consent to process data. Failure to obtain proper consent to process data, which includes contacting individuals, risks whopping fines. The GDPR’s maximum fine tops out at €20 million, or 4 per cent of global turnover, whichever is higher. The consequences are steep and there is no room for error.
But GS Group is here with guidance from the Information Commissioner’s Office (ICO) to help your business obtain consent from prospects and clients while staying compliant with the GDPR. The checklist and best practice guidance below allows you to examine your own consent processes.
To comply with the GDPR’s consent requirements and decide whether your existing consents meet the new, higher GDPR standard, your consent mechanisms should demonstrate the following:
Access the full checklist here: Obtaining Consent Under the GDPR Checklist