Skip to main content
FIND A LAWYER
ARTICLE

Is Santa Claus in breach of the GDPR?

“He’s making a list, he’s checking it twice, he’s gonna find out who’s naughty and nice, Santa Claus is in breach of the GDPR.”

You may have seen this on social media. It is clearly the most important GDPR issue of the year. Let’s see if it is correct or whether Santa is acting lawfully under the new law.

Santa’s list will contain personal data and he will be processing that data in dealing with the delivery of our presents. The processing is probably taking place in Lapland which is within the EU, but even if it is happening further afield, the processing will still fall within the scope of the GDPR if the data that is being processed is the personal data of EU citizens.

Does he have a lawful basis for the processing?

Some of us will have written letters to Santa about the presents we would like.  That may set up a contract and make the processing lawful in the context of fulfilling that contract.  And the content of the letter may well constitute the sort of affirmative consent that will make the processing lawful.

In any event, it seems likely that legitimate interest will provide the lawful basis for processing.  We all anticipate, even hope, that he will process our personal data for the purpose of bringing our presents. This is, of course, one of his primary, well-known and accepted functions. And there is a pre-existing relationship and a history of such processing in previous years.

He must, of course, comply with the data processing principles – and he does appear to be doing that.  He keeps the data current and up to date – he manages to get our presents to us even if we move address.  And he stops bringing presents for those who have sadly passed away during the year.

We can conclude that Santa Claus is not acting in breach of the GDPR.  We are delighted to be able to bring this news.  A very happy Christmas to all our readers.

This update is for general purposes and guidance only and does not constitute legal or professional advice. You should seek legal advice before relying on its content. This update relates to the prevailing circumstances at the date of its original publication and may not have been updated to reflect subsequent developments. If you have general queries about our updates, please email: mailinglists@greenwoods.co.uk




    By completing and submitting this form, you consent to Greenwoods Legal LLP processing your personal data to provide you with the email update services you have selected and any other materials and information about our services that Greenwoods Legal LLP reasonably believes will be of interest to you. You are free to withdraw your consent at any time by emailing mailinglists@greenwoods.co.uk





      By completing and submitting this form, you consent to Greenwoods Legal LLP processing your personal data to provide you with the email update services you have selected and any other materials and information about our services that Greenwoods Legal LLP reasonably believes will be of interest to you. You are free to withdraw your consent at any time by emailing mailinglists@greenwoods.co.uk