The EU General Data Protection Regulation will enter into force in the not too distant future, and the fourth set of guidelines on the GDPR has therefore been issued.
The Danish Data Protection Agency and the Danish Ministry of Justice recently issued their fourth set of guidelines on the GDPR. This time, the guidelines concern processing consent.
The GDPR introduces stricter rules on consent by listing several specific conditions for when consent is a valid basis for processing. In addition, additional requirements are introduced with regard to the documentation required to show that valid consent has been obtained.
The guidelines may serve as a guide for when valid consent has been obtained and what the consequences will be if consent is withdrawn. Moreover, the last part of the guidelines contains a check list which may be used to check that all conditions have been satisfied. The guidelines involve the Bill that was recently introduced in the Danish Parliament to supplement the provisions of the GDPR, which proposes among other things to allow processing of employee data based on the employee’s consent.
The guidelines are available here (in Danish).
The content of the above is not, and should not be a substitute for legal advice.