This repository has been archived by the owner on Aug 3, 2022. It is now read-only.
GDPR compliance - do you have explicit consent from the individual #1
Labels
bug
Something isn't working
Comments
|
@ldodds @drchristhorpe just pasting in Chris' comment: "Leigh and I were discussing this earlier and both felt that it should be consent for the data to be part of the Open Data feed. Providers will absolutely have other reasons for storing/processing but it should be a consent to share/publish" We got pushback on that logic from the lawyer during GDPR stuff - he favoured only prescribing lawful basis where necessary - it might be worth us checking this with a legal beagle of some description? |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
In some cases the publisher does not need to seek explicit consent, as legitimate interests or contract may be sufficient lawful basis for processing. Should be updated to "GDPR compliance - do you have sufficient lawful basis for publishing data from these data subjects as open data"
The text was updated successfully, but these errors were encountered: