.png){kind=logo}
Manage personal data as a trainer
Along with the EU's General Data Protection Regulation (aka the GDPR), which entered into force on the 25th of May 2018, stricter requirements for consent when handling personal data took effect. The new requirements affect you as a trainer, and in this article, we’ll look at how.
More often than before, you’ll need consent from people to process their data. As a trainer hosting a training, however, you might not need consent to process the training participants’ personal data. Instead, having so-called legitimate interests is most likely enough.
Legitimate interests
Having legitimate interests means you are allowed to process personal information about an individual without consent since your reason for doing so is in the person’s best interest. Hosting a training where the person participates will most likely be considered a legitimate interest. However, you should consult with your lawyers to ensure this applies to your specific case.
Read more: How the UK’s Information Comissioner’s Office explains legitimate interests
Consent
If it turns out that you need consent from your training participants to process their personal data, there are guidelines for how to do so properly. In short, you’ll need to do the following to acquire consent from your training participants about processing their data:
- Inform them about why the data is being collected
- Give each participant the choice to say yes or no
Read more about what constitutes consent and how to get it here.