Italics.) The text of Section 1.8 (b) is unchanged, but is renumbered Section 1.7 (b). White House Memoranda On March 19, 2002, White House Chief of Staff Andrew H. Issued a memorandum to the heads of all executive departments and agencies regarding the safeguarding and protection of sensitive homeland security information. Content created by Office for Civil Rights (OCR) Content last reviewed on August 31, 2020. Telephone Consumer Protection Act of 1991 Full Title: Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991 Document Type(s): Compliance Guide. Privatus represents and places each brand to maximize sales and growth. We connect brands with a wide range of distributors, wholesalers, and chain buyers. When matching a brand with a distribution strategy we make sure that it compliments a partners overall portfolio.
At a glance
- You can rely on this lawful basis if you need to process the personal data to comply with a common law or statutory obligation.
- This does not apply to contractual obligations.
- The processing must be necessary. If you can reasonably comply without processing the personal data, this basis does not apply.
- You should document your decision to rely on this lawful basis and ensure that you can justify your reasoning.
- You should be able to either identify the specific legal provision or an appropriate source of advice or guidance that clearly sets out your obligation.
In brief
What does the GDPR say?
Article 6(1)(c) provides a lawful basis for processing where:
“processing is necessary for compliance with a legal obligation to which the controller is subject.”
When is the lawful basis for legal obligations likely to apply?
In short, when you are obliged to process the personal data to comply with the law.
Article 6(3) requires that the legal obligation must be laid down by UK or EU law. Recital 41 confirms that this does not have to be an explicit statutory obligation, as long as the application of the law is foreseeable to those individuals subject to it. So it includes clear common law obligations.
This does not mean that there must be a legal obligation specifically requiring the specific processing activity. The point is that your overall purpose must be to comply with a legal obligation which has a sufficiently clear basis in either common law or statute.
You should be able to identify the obligation in question, either by reference to the specific legal provision or else by pointing to an appropriate source of advice or guidance that sets it out clearly. For example, you can refer to a government website or to industry guidance that explains generally applicable legal obligations.
![Protection Protection](https://i2.wp.com/a2.mzstatic.com/us/r30/Purple19/v4/d4/37/eb/d437eb32-c64e-c399-0221-f4095f43c79f/screen800x500.jpeg?resize=700%2C438)
Example
An employer needs to process personal data to comply with its legal obligation to disclose employee salary details to HMRC.
The employer can point to the HMRC website where the requirements are set out to demonstrate this obligation. In this situation it is not necessary to cite each specific piece of legislation.
Example
A financial institution relies on the legal obligation imposed by the Part 7 of Proceeds of Crime Act 2002 to process personal data in order submit a Suspicious Activity Report to the National Crime Agency when it knows or suspects that a person is engaged in, or attempting, money laundering.
![Privacy Privacy](https://is1-ssl.mzstatic.com/image/thumb/Purple114/v4/fb/62/f4/fb62f4e2-7be4-9d9f-f1dd-1f6deadd3576/pr_source.png/643x0w.jpg)
Example
A court order may require you to process personal data for a particular purpose and this also qualifies as a legal obligation.
Regulatory requirements also qualify as a legal obligation for these purposes where there is a statutory basis underpinning the regulatory regime and which requires regulated organisations to comply.
Example
The Competition and Markets Authority (CMA) has powers under The Enterprise Act 2002 to make orders to remedy adverse effects on competition, some of which may require the processing of personal data.
A retail energy supplier passes customer data to the Gas and Electricity Markets Authority to comply with the CMA’s Energy Market Investigation (Database) Order 2016. The supplier may rely on legal obligation as the lawful basis for this processing.
A contractual obligation does not comprise a legal obligation in this context. You cannot contract out of the requirement for a lawful basis. However, you can look for a different lawful basis. If the contract is with the individual you can consider the lawful basis for contracts. For contracts with other parties, you may want to consider legitimate interests.
When is processing ‘necessary’ for compliance?
Although the processing need not be essential for you to comply with the legal obligation, it must be a reasonable and proportionate way of achieving compliance. You cannot rely on this lawful basis if you have discretion over whether to process the personal data, or if there is another reasonable way to comply.
It is likely to be clear from the law in question whether the processing is actually necessary for compliance.
What else should we consider?
If you are processing on the basis of legal obligation, the individual has no right to erasure, right to data portability, or right to object. Read our guidance on individual rights for more information.
- document your decision that processing is necessary for compliance with a legal obligation;
- identify an appropriate source for the obligation in question; and
- include information about your purposes and lawful basis in your privacy notice.
Further Reading
In more detail - ICO guidance
We have produced the lawful basis interactive guidance tool, to give tailored guidance on which lawful basis is likely to be most appropriate for your processing activities.
Download Mac Privatus v6.2.7 Full Version – FREE!
Privatus has been designed from the ground up with simplicity in mind. After a quick initial setup, Privatus will take care of clearing your personal and private browsing tracks automatically after each browsing session.
- Recommendation: You may find more Premium Adobe assets (Photoshop actions, Lightroom Presets, After Effects Templates, Premier Pro Transitions,.. LUTs, Sound Effects, and many premium Tutorial Courses) for Free Download from one of our other sources here: https://gfxdrug.com (was adobedownload.org).
Privatus just works!
It has been designed for macOS Sierra, and takes the headaches out of cookie management, freeing your time to be more productive.
Clearing your cookies and cache can have the added benefit of speeding up your browsing experience.
Unlike many other Cookie managers, Privatus won’t delete your Browser Extensions!
Privatus supports all the major Mac OS X browsers: Safari, Firefox, Chrome, Chromium and Opera.
Privatus 6 1 8 – Automated Privacy Protection Devices
- Automated Cookie, Flash Cookie, Silverlight, Local Storage, Database, Cache, History, Favicons, Webpage previews, Form values and Downloads removal
- One time setup, and forget
- Accessible from the system menu bar
- Highly intuitive
Home Page: https://privatusapp.com/
Privatus 6 1 8 – Automated Privacy Protections
- CAN NOT DOWNLOAD: Some probably encounter the following error: This site can’t be reached ..sundryfiles.com’s server IP address could not be found. DNS_PROBE_FINISHED_NXDOMAIN. In this case, please use Google DNS and you will get rid of trouble.
- If downloaded file can not be extracted (file corrupted..), please make sure you have downloaded the file completely and don't use Winzip, it sucks! We would recommend using The Unarchiver.
- By reason, the App does not work and can not be opened. Mostly, just Disable the Gatekeeper, and you get rid of troubles.