A permission pass is a one-time double opt-in email campaign. It’s sent to all the contacts in your database who haven’t officially confirmed their subscriptions.
GDPR doesn’t only apply to contacts added after May 25th — it applies to all existing EU contacts in your database. If the contacts in your database have already appropriately given you consent — and you have history and records of all consent — you do not need to obtain consent again.
If you have not received consent that’s compliant to GDPR, you will have to collect consent again.