gdpr   4039

« earlier    

Most GDPR emails unnecessary and some illegal, say experts | Technology | The Guardian
Most GDPR emails unnecessary and some illegal, say experts
Many firms have the required consent already; others don’t have consent to send a request

Alex Hern

@alexhern
Mon 21 May 2018 17.21 BST Last modified on Mon 21 May 2018 17.48 BST
Shares
5,361

Inboxes have been flooded lately with GDPR-related emails. Photograph: Alamy
The vast majority of emails flooding inboxes across Europe from companies asking for consent to keep recipients on their mailing list are unnecessary and some may be illegal, privacy experts have said, as new rules over data privacy come into force at the end of this week.

Many companies, acting based on poor legal advice, a fear of fines of up to €20m (£17.5m) and a lack of good examples to follow, have taken what they see as the safest option for hewing to the General Data Protection Regulation (GDPR): asking customers to renew their consent for marketing communications and data processing.


Why the GDPR email deluge, and can I ignore it?
Read more
But Toni Vitale, the head of regulation, data and information at the law firm Winckworth Sherwood, said many of those requests would be needless paperwork, and some that were not would be illegal.

“Businesses are not required to automatically ‘repaper’ or refresh all existing 1998 Act consents in preparation for the GDPR,” Vitale said. “The first question to ask is: which of the six legal grounds under the GDPR should you rely on to process personal data? Consent is only one ground. The others are contract, legal obligation, vital interests, public interest and legitimate interests.
guardian  privacy  legal  data  GDPR  article 
43 minutes ago by ndf
GDPR Compliance: Interactions Says "We Have an API for That!" -
“Right to Access” – Using the API, the customers of Interactions clients will be able to request and receive an an electronic report that contains all the personal information that is being stored in Interaction’s database
“Right to be Forgotten” – In compliance with GDPR standards, the API automatically provides a confirmation of the erasure of personal data, complete with a date and timestamp.
gdpr  api 
2 hours ago by yorksranter
EU's heftigste lovpakke hedder GDPR: Gigantisk Demokratisk PRøvelse | Udland | DR
Her er historien bag GDPR - EU's databeskyttelseslov, som nær aldrig var blevet til.
gdpr 
2 hours ago by krestenjacobsen

« earlier