Part I: Untangling the GDPR and the e-Privacy Directive
This is the first post in a four part series on GDPR and email marketing.
Your email in-box has probably finally recovered from the wave of GDPR opt-in requests and notices that peaked around May 25th. But, if you’ve followed the privacy press or the statements from EU regulators, you’re probably left wondering what it was all for. Many statements made in news stories (both in the U.S. and the EU) and by commentators have claimed that the GDPR means no one can send marketing emails any more without your permission. But, other stories suggest that the opt-in emails and privacy notices were unnecessary or, even, inappropriate. Who’s right? And what email marketing is allowed now?
Continue reading “Stay In Touch! Email Marketing After the GDPR”
The Article 29 Working Party (WP29) released two guideline documents, WP259 and WP260, on the General Data Protection Regulation (GDPR) concepts of consent and transparency in November. Comments on both documents will be accepted by the Working Party through January 23, 2018 after which the WP29 will issue final guidance. WP29 is an independent European advisory body on data protection and privacy.
This blog post focuses on WP259, which is the guideline on consent. We have also written a companion blog on WP260, the guideline on transparency.
Guideline on Consent
The guideline provides a thorough analysis of the notion of consent, which is one of the six lawful bases to process personal data under the GDPR. Article 4(11) stipulates that consent of the data subject must be:
- Freely given.
- Unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Continue reading “Article 29 Working Party Releases Guideline WP259 on Consent under the GDPR”