Complianz Privacy Suite

What lawful basis for Data Processing?

Mathieu

Mathieu

Categories

Popular articles

Redirect Policy URL based on Region

How to redirect your policies based on region Some users might have checked all three regions to enable Complianz’s specific region cookie management. For these

Read More
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Principles of collection of personal data: from legal basis to consent

If you have a simple website with a separate contact form, you already collect personal data. Since the introduction of the GDPR, collecting personal data means that you have to meet various requirements. For example, the data must be stored in a safe place, you must have a legal basis or permission to collect the data, and so on.

In this article, we’ll tell you more about the grey area between these legal bases and the need to seek permission. In any case, by asking users for permission, you are on the safe side!

Six different legal principles

There are six different legal principles on the basis of which personal data may be collected. If you do not comply with at least one of these principles, it is not permitted to collect and process personal data. Keep in mind that in some cases it is necessary to draw up a processing agreement. This applies, for example, if you have the personal data processed by an external party. Think of an accounting firm that carries out the payroll administration for you.

Below you will find a brief overview of the six legal bases for collecting personal data:

– You have permission from the persons involved;
– The processing of data is necessary to be able to execute an agreement;
– The processing of data is necessary to comply with a legal obligation;
– The processing of data is necessary to protect vital interests;
– The processing of data is necessary for the performance of a task that is in the public interest or in the exercise of public authority;
– The processing of data is necessary for the protection of legitimate interests.

As an organisation or person, you are responsible for estimating your appeal to one of these principles. If you are in doubt, it is advisable to always ask permission from a person.

Exceptions to these principles

It is not always possible to use these guidelines to determine your right to collect and process personal data. This applies, for example, to special and criminal personal data, which may not be processed without meeting additional, more stringent requirements. In this case, special data includes, for example, data relating to a person’s health. It is not only medical and criminal data that the Authority considers personal data to be special. Personal data about a person’s race or ethnic origin, personal data about political opinions and, for example, personal data about religious and/or philosophical beliefs also fall under the category of special personal data. Did you know that also someone’s sexual orientation does not automatically fall under “normal” personal data?

Because of the broad category with special personal data, it is advisable to minimize the collected data of persons. This way you avoid having to meet stricter requirements. Often a lot of this data is not relevant, which means that collecting and processing it is no longer necessary.

On the internet you can read more about the requirements you have to meet in such situations. It is advisable to seek prior advice from an independent party such as the lawyers at ICTRecht Groningen before collecting and processing such information.

If you only process the data for personal use, for example within a circle of family or acquaintances, you do not have to comply with these legal principles. For example, you could think of keeping a personal calendar with the birthdays of friends and family.

 

Related articles

5 Responses

  1. Where can I find anything on your page regarding integration with Contact Form 7? I have activated Contact Form 7 integration but my contact form doesn’t show any GDPR consent checkbox. I have spend hours trying to find anything on the net. Please add a “How to” on your website. This feature is really totally disregarded by you guys. Thanks!

Leave a Reply

Your email address will not be published.

Subscribe

We have released 4.0 for Premium. For more information about Cookiedatabase.org and New Features...