Guidance on the use of Legitimate Interests under the EU General Data Protection Regulation
This Guidance from the DPN is intended to be used as a practical tool to aid commercial/not-for-profit organisations assess their grounds for using Legitimate Interests as a Lawful Basis for processing Personal Data under the GDPR. It alludes to the importance of the balance between interests of the Controller and the rights of the individual.
A summary of the contents outlined in the guide is list below.
Please click here for the full guide.
Contents of the Guidance
- Understanding what Legitimate Interests are
- Key definitions
- The Lawful Basis for processing under the GDPR
- Individuals’ rights under the GDPR & the implications of using Legitimate Interests
- Identifying areas of processing where Legitimate Interests may apply
- How Legitimate Interests might apply
- Examples of Legitimate Interests in action
- The Legitimate Interests Assessment (LIA) – the 3 stage test
- Identifying a Legitimate Interest
- The ‘necessity test’
- The ‘balancing test’
- Transparency and the consumer
- How to communicate the use of Legitimate Interests effectively and transparently to individuals