You are here:
How to choose which ‘lawful basis’ to use under the GDPR
Under the GDPR, it’s crucial to identify the lawful basis (or legal reason) you can use to justify why you process personal data. Use the process below to work out which of the 6 lawful bases to use for each of your data processing activities, and avoid wasting time seeking consent that you don't need.
- What are the lawful bases and why do they matter?
- Public task
- Legal obligation
- Fulfilling a contract
- Vital interests
- Legitimate interests
- Additional conditions for special category and criminal offence data
- What do we do once we've identified our lawful basis?
More from The Key
Covering topics including differentiation, assessment, SEND and growth mindset, CPD Toolkit has been created by subject experts and tested by teachers to guarantee practical, engaging training that's also excellent value for money.
The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence.