Professional Documents
Culture Documents
Ray Everett
Principal Consultant &
Director of EMEA/Global Consulting
TrustArc
• Approaches to Consent
• Consent
• Performance of a Contract
• Legal Obligation
• Vital Interests of the Data Subject
• Public Interest
• "[L]egitimate interests pursued by the controller or
by a third party, except where such interests are
overridden by the interests or fundamental rights
and freedoms of the data subject…"
• Consent
• Performance of a Contract
• Legal Obligation
• Vital Interests of the Data Subject
• Public Interest
• "[L]egitimate interests pursued by the controller or
by a third party, except where such interests are
overridden by the interests or fundamental rights
and freedoms of the data subject…"
(emphasis added)
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/legitimate-interests/
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/legitimate-interests/how-do-we-apply-legitimate-
interests-in-practice/
• Lawful Basis
Assessment
– Shaped by many inputs
(ICO's LIA, DPN, etc.)
– Identifies applicability
of each potential basis
– Document how your
reached your decision
– Can be process-centered or data element/category
centered (aligned with your records in Data Flow
Manager)
(TrustArc platform customers can have this added to their account)
Approaches to Consent
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/consent/
Augment with:
• TrustArc Direct Marketing Consent Manager
• TrustArc Individual Rights Manager
• TrustArc Cookie Consent Manager
• TrustArc Dispute Resolution Manager
• TrustArc Ads Compliance Manager
Conclusions
Questions?
Register now for our next webinar: "Getting to Know the New
European Data Protection Board (EDPB)" on Wed. July 25th.
Contact
Ray Everett email: reverett@trustarc.com
Thank You!