by Joeri
820 days ago
This is something a lot of people seem to misunderstand about GDPR. At its core it says you should only process people’s personal data within a lawful basis. There are 6, and consent is only one.

(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

(b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.

(c) Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).

(d) Vital interests: the processing is necessary to protect someone’s life.

(e) Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.

(f) Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
The maximum fine is 20 million euros or 4% of revenue, whichever is higher. Sure, it probably won't be imposed on a first-time violation, but why take the chance?
Could you imagine any lawyer advising a company against requiring consent, even if they have some cover because of a legal obligation? Isn't it much safer to deny service to those that refuse to consent?
Sure, it'll annoy the customer, but right now the customer is used to minor annoyances.