New EU General Data Protection Regulation (GDPR)
Posted: Sun Feb 02, 2025 4:03 am
EU General Data Protection Regulation:
The new European data protection law and the impact on email marketing
From May 2018, Europe will have a new, in some parts stricter data protection law - the EU General Data Protection Regulation (GDPR) . When the new legislation comes into force, the national data protection regulations will largely be replaced.
The regulations on electronic communication are also to be standardized across Europe in an ePrivacy Regulation . The subject of data protection is often unpopular, but due to the new sanctions framework of fines of up to 20 million euros , companies can no longer avoid dealing with the new legislation.
In the following series of articles , data protection officer and lawyer David Oberbeck gives you an initial overview of the provisions that are relevant to you in practice.
Data Protection Officer and Lawyer David Oberbeck
Part 1:
Basics of the new EU General Data Protection Regulation
An important principle of data protection law remains intact:
The ban with permission reservation
The already well-known principle that “personal data may only be processed with the consent of the data subject or on the basis of a legal permission” remains in place in the GDPR. The digital industry in particular had tried to work towards watering down the consent requirement through alternative permission regulations during the legislative process.
Data security for email marketing
However, it has not succeeded in doing so, which is why future data processing will continue to be based largely on the consent of those affected.
It remains to be seen whether this will be helpful for both companies and users. In the age of tracking, retargeting and personalized user accounts, the processing and storage of personal data is almost bahrain phone number data unstoppable. It is at least questionable whether users can keep track of this with page-long explanations. The law also requires that declarations of consent are written in clear and simple language and clearly distinguished from other facts. What exactly this looks like will be explained in more detail in another article. In practice, there will definitely be extensive changes in the design and request for data protection consent .
Legal exceptions
However, outside of consent, there will continue to be legal permissions that justify data processing without consent . These include, for example, processing to execute a contract, to fulfill a legal obligation and processing to protect the legitimate interests of a company - provided that the interests and fundamental rights of the users concerned do not outweigh them.
In case of doubt, however, the user's personal rights will continue to take precedence, which is why many new (and existing) business models cannot be justified on this basis. For example, the processing of names and addresses is still permitted if this information is required for the shipping of goods. In the future, however, user tracking will hardly be justified without the user's consent. In this case, the user's personal rights generally prevail. Digital business models must therefore think carefully about which personal data they are even allowed to use without their express consent.
The new European data protection law and the impact on email marketing
From May 2018, Europe will have a new, in some parts stricter data protection law - the EU General Data Protection Regulation (GDPR) . When the new legislation comes into force, the national data protection regulations will largely be replaced.
The regulations on electronic communication are also to be standardized across Europe in an ePrivacy Regulation . The subject of data protection is often unpopular, but due to the new sanctions framework of fines of up to 20 million euros , companies can no longer avoid dealing with the new legislation.
In the following series of articles , data protection officer and lawyer David Oberbeck gives you an initial overview of the provisions that are relevant to you in practice.
Data Protection Officer and Lawyer David Oberbeck
Part 1:
Basics of the new EU General Data Protection Regulation
An important principle of data protection law remains intact:
The ban with permission reservation
The already well-known principle that “personal data may only be processed with the consent of the data subject or on the basis of a legal permission” remains in place in the GDPR. The digital industry in particular had tried to work towards watering down the consent requirement through alternative permission regulations during the legislative process.
Data security for email marketing
However, it has not succeeded in doing so, which is why future data processing will continue to be based largely on the consent of those affected.
It remains to be seen whether this will be helpful for both companies and users. In the age of tracking, retargeting and personalized user accounts, the processing and storage of personal data is almost bahrain phone number data unstoppable. It is at least questionable whether users can keep track of this with page-long explanations. The law also requires that declarations of consent are written in clear and simple language and clearly distinguished from other facts. What exactly this looks like will be explained in more detail in another article. In practice, there will definitely be extensive changes in the design and request for data protection consent .
Legal exceptions
However, outside of consent, there will continue to be legal permissions that justify data processing without consent . These include, for example, processing to execute a contract, to fulfill a legal obligation and processing to protect the legitimate interests of a company - provided that the interests and fundamental rights of the users concerned do not outweigh them.
In case of doubt, however, the user's personal rights will continue to take precedence, which is why many new (and existing) business models cannot be justified on this basis. For example, the processing of names and addresses is still permitted if this information is required for the shipping of goods. In the future, however, user tracking will hardly be justified without the user's consent. In this case, the user's personal rights generally prevail. Digital business models must therefore think carefully about which personal data they are even allowed to use without their express consent.