Valid consent is defined as a person’s agreement to give up their right to privacy in exchange for some benefit or service. In other words, when someone consents to something, they are voluntarily giving up their rights in order to gain another benefit or service.
In order to obtain valid consent, you must be able to prove that the person agreeing with you actually understands what they are agreeing with and what they are giving up by agreeing with you. For example: If someone signs up for an email list without reading through all of the terms and conditions associated with joining it, then they have not given valid consent because they do not fully understand what they are giving up when they sign up for it.
The GDPR states that the processing of personal data must be “lawful” under Article 6(1)(a) which means that it must be done with consent or another legal ground. If an organization cannot rely on one of these legal grounds then they cannot process an individual’s personal data without a good reason.