DPNetwork – guidance on legitimate interest

Guidance on the use of Legitimate Interests under the EU General Data Protection Regulation

This Guidance from the DPN is intended to be used as a  practical tool to aid commercial/not-for-profit organisations assess their grounds for using Legitimate Interests as a Lawful Basis for processing Personal Data under the GDPR. It alludes to the importance of the balance between interests of the Controller and the rights of the individual.

A summary of the contents outlined in the guide is list below.

Please click here for the full guide.

Contents of the Guidance

  • Understanding what Legitimate Interests are
    • Key definitions
    • The Lawful Basis for processing under the GDPR
    • Individuals’ rights under the GDPR & the implications of using Legitimate Interests
  • Identifying areas of processing where Legitimate Interests may apply
    • How Legitimate Interests might apply
    • Examples of Legitimate Interests in action
  • The Legitimate Interests Assessment (LIA) – the 3 stage test
    • Identifying a Legitimate Interest
    • The ‘necessity test’
    • The ‘balancing test’
  • Transparency and the consumer
    • How to communicate the use of Legitimate Interests effectively and transparently to individuals