You are here:
UK GDPR: choose your ‘lawful basis’ for processing personal data
Under the UK GDPR, you must identify a lawful basis (or legal reason) you can use to justify why you process personal data. Use our guidance to work out which of the 6 lawful bases to use and avoid wasting time seeking consent you don't need.
Contents
- You must identify a lawful basis to process personal data
- Summary of each basis
- Use the Information Commissioner’s Office (ICO)'s self-assessment tool to identify which basis you can use
- Guide to completing the self-assessment
Additional conditions for special category and criminal offence data- What do we do once we've identified our lawful basis?
- 'Cheat sheet' for data protection officers
- Child protection records: transfer guidance
- Data protection impact assessments
- Data protection impact assessments: template and checklist
- DPO's report to governors: template
- Email security: sending personal data
- Freedom of information: responding to requests
- GDPR: at what age can pupils give consent?
- GDPR compliance for visiting staff
- GDPR jargon buster
- GDPR mythbuster
- GDPR: personal data breach procedure
- GDPR: seeking consent for processing personal data
- GDPR: sharing safeguarding information
- Help your staff understand the GDPR: posters and handout
- How to respond to subject access requests in the summer holidays
- International data transfers under the UK GDPR
- Parents' right to access their child's educational record
- Poll results: how is the DPO role taking shape?
- Poll results: who are schools choosing as their data protection officer?
- Pupil records: transferring to other schools or providers
- Role of the data protection officer (DPO) Updated
- Schools' reporting requirements
- 'Special category' data under the UK GDPR Updated
- Subject access requests: guidance and template forms
- Taking and displaying pupil photos and information
- Taking documents home: securing personal data
- QuickRead: The UK GDPR
- The UK GDPR: summary
- UK GDPR audit
- UK GDPR: ensuring your suppliers are compliant Updated
- UK GDPR: template record of processing activities
- UK GDPR: using apps and online services with pupils Updated
- Using personal devices: securing personal data
More from The Key
Bitesize training with a big impact
Our on-demand training has your whole board covered and lets them learn at a time and pace that suits them.
Help your new governors hit the ground running with our expertly-designed induction training, and our role-specific courses support your link governors develop key skills and confidence in their role.
Upskill your staff, any time, anywhere with CPD Toolkit.
The most effective way to deliver engaging virtual training to support the professional development of your staff.
Downloadable courses and 5-minute online summaries provide flexibility for training, whether staff are participating in-school, via video call or independently at their own pace.
- In the news: Your weekly round-up for 30 April - 7 May 2021 7 May 2021 08:00 New
- In the news: Your weekly round-up for 23 - 30 April 2021 30 Apr 2021 08:00 New
- In the news: Your weekly round-up for 16 - 23 April 2021 23 Apr 2021 08:00 New
- In the news: Your weekly round-up for 9 - 16 April 2021 16 Apr 2021 08:00 New
- In the news: Your weekly round-up for 2 - 9 April 2021 9 Apr 2021 08:00
The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence v3.0.