Hero Image


PRIVACY CULTURE

Lawful basis for processing

A detailed one-day practical workshop designed for compliance teams and other professionals
responsible for determining a lawful basis for processing personal data in accordance with the UK GDPR

Book Now

Course Features

Short day session 10am - 3pm

Experienced instructor

Record of attendance

Public schedule

In-company options

Course Overview

When planning a new processing activity or making changes to an existing one, a critical first step is determining whether there is a valid legal reason for processing the personal data in question. 

Outside data protection circles, consent is often believed to be the main justification for processing. However, consent is just one of several lawful grounds established by the UK General Data Protection Regulation (GDPR). While consent would serve as a valid legal basis for many processing activities, there are instances, such as where a power imbalance exists, in which a different legal basis may be more appropriate.

Article 6 of the GDPR states that the processing of personal data is only permitted where it meets the criteria for one of six lawful bases: consent; performance of a contract; compliance with a legal obligation; protecting the vital interests of the data subject; carrying out a task in the public interest or in the exercise of official authority vested in the controller; and legitimate interests. 

This practical one-day training course is designed for compliance teams and individuals responsible for implementing new projects that involve the processing of personal data. The course aims to help participants identify the correct lawful basis for processing and understand any associated legal obligations.

Course Costs

Book this 1-day course on the Lawful Basis for Processing:

£395 + VAT

Package includes:

Book now

Intended Audience

This one-day course on the Lawful Basis for Processing is suitable for those individuals with the following roles or responsibilities: 

  • Data protection practitioners
  • Information governance professionals
  • Governance, Risk and Compliance (GRC) professionals
  • Information security, IT security and IT professionals
  • Privacy engineers
  • AI governance professionals
  • Project and product managers
  • Business users with personal data processing responsibilities
Course Contents:

Processing personal data    

  • What is processing?

The Principles

  • How the principles work
  • Accountability
  • Linking the principles with lawful processing

Lawful Processing

  • Consent
  • Conditions of consent
  • Contract
  • Legal obligation
  • Vital interests
  • Public Task
  • Legitimate Interest 
  • Legitimate Interest Assessments (LIAs)

Special category data

  • What is included within special categories of data?
  • Additional safeguarding conditions
  • Overview of the Article 9 conditions
  • Explicit consent 
  • Employment, social security and social protection law. 
  • Vital Interests
  • Not-for-profit bodies
  • Made public by the data subject
  • Legal claims
  • Substantial public interest
  • Health or social care
  • Public health
  • Archiving, research and statistics

Criminal Offence Data

  • What is Criminal offence data?
  • Who can process criminal offence data?
  • Schedule 1 Conditions for criminal offence data

Book Now

Our clients