View related news articles
As a result, many people’s email inboxes are being bombarded by companies requesting that you “renew” your consent to be contacted.
However, this ‘safety first’ email approach is in many cases unnecessary and may prove to be counter-productive.
The GDPR states that you can continue to rely on any existing consent that was given in line with the GDPR, however you must make sure that this consent meets the GDPR standards and is properly documented.
Our specialist Data Protection team have consistently advised companies that the GDPR does not necessarily require them to obtain renewed consent from their customers. Therefore, before renewed consent is requested, a company should be asking itself:
If the company’s original consent satisfies the current threshold under the Data Protection Act, then the consent is likely to meet the consent requirements under the GDPR.
The good news for companies is that the time-consuming process of contacting their customers and the risk of a significant drop out of customer contacts can be avoided by taking the correct legal advice.
If a company does not have consent or cannot rely on “soft opt in” under existing laws, then sending emails to your clients requesting renewed consent is a breach under the current data protection and e-privacy rules.