The first rule of data protection is: You may only use data if such use is justified. Without exception. Every time we use data we must have justifiable grounds for being able to process or handle that data. And according to the GDPR, “processing” basically includes everything that can be done with data. From collection to use to deletion.
But when is the use justified? You need to check – or have checked – whether one of the following three points apply:
1. It is allowed or even required by statute or it is necessary for compliance according to legal obligations.
2. You need to process the data to fulfill your contract.
3. The legitimate interest in processing the data outweighs the legitimate interest of the data subject.
If none of the three points apply, you definitely need the data subject’s consent.
Learn more about data protection in our “data protection for employees” course.
Call or contact us:
+49 30 217 8066
Customer Service Manager and his team are available
Mon – Fri from 8:30 to 19:00 CET
Your information will of course be treated confidentially. Data transmission is encrypted. Further information can be found in our data protection declaration.