Will Legacy data Be Useable After GDPR?
What happens to the data you have collected under existing laws when GDPR is enforced?
Many commentators believed there may be leniency, but I wouldn’t count on it.
The Regulation is clear that where consent has been given under the Data Protection Directive, it will only be valid if it also meets the requirements under GDPR.
Again a fantastic input from the GMA and the Data Protection Network in clarifying one of the biggest questions in the industry ”Can we still use any data collected under the historical or current consent process.
” Steve Wood, the UK’s Information Commissioner’s Office Head of International Strategy and Intelligence recently commented at an IAPP event: “Will there be a grace period? No. You will not hear talk of grace periods from people at the ICO. That’s not part of our regulatory strategy.” He continued: “What you will see is a common-sense, pragmatic approach to regulatory principles.”
Be warned if a customer complains after 25 May 2018, about receiving a marketing communication and you can’t prove you have adequate consent; this complaint could be escalated to the Regulator and you will be in breach.
So that seems to clarify it. All your legacy data will need to be repermissioned using the GDPR consent requirements if you intend to maintain the same commercialisation of your data post 25th May 2018 as you do today.
We will bring you more updates as and when we clarify them.