Renee

What is legitimate interest? A plain English guide to this confusing topic

Are you GDPR’d out yet?

Last month, I explained my interpretation of ‘consent’ for GDPR.  The other reason many people will rely on for keeping in touch with their mailing list is “legitimate interest.”

Imaginative Training | social media blog | social media training | Plain English training | Plain English editing | LinkedIn coaching ! LinkedIn training | social media marketing

If you’re doing business with someone, you have a contract or you’re negotiating for one, legitimate interest definitely applies.  Consensus among the people I network with is that, if you have built your list from people you’ve met who know what you do and can reasonably expect to receive email about your business, this is a valid reason to stay in touch and can be classed as a legitimate interest. Do you agree?

Again, I recommend Suzanne Dibble’s super video collection for anyone who is uncertain about any aspect of GDPR, and some of the following information is taken from her marketing video. She suggests that, unless any e-privacy laws, ethics or industry standards are broken, in most cases direct marketing can be classed as a legitimate interest.  (There are some caveats.)

The key questions to ask yourself are:

  • Is the way you use people’s data ‘proportionate, with minimal privacy impact and people wouldn’t be surprised to receive it from you?
  • Could people reasonably expect to receive this information from you?
  • Have you worked through the “Three stage test?” This includes assessing the purpose for emailing them, ensuring it’s necessary for the purpose, and filling in a ‘balancing form’ to show whether the legitimate interest is overridden by the person’s rights or freedom. Also, did you keep a record of your ‘legitimate interest outcome’?
  • Can they opt out of receiving your emails? (If you use Mailchimp, as I do, there’s always been an unsubscribe button.)
  • Is your privacy policy lovely and clear?
  • Are people likely to object to receiving your email? And further – are they likely to object if you explained your reasoning to them? If the answer’s yes, you can’t count on legitimate interest.
  • Is whatever you’re sending likely to cause them harm? (The example Suzanne Dibble uses is people in debt receiving regular targeted emails from loan sharks or gambling websites, which can have a “significant negative effect.” If the answer’s yes, you can’t do it.)

Please note that, apparently, the ICO says that you shouldn’t rely on legitimate interest just because it seems easier to apply than consent.

That’s all I’m covering on GDPR now – and hopefully forever! Please remember that this is my own interpretation of legitimate interest; it doesn’t mean I’m correct, but I’m offering it as food for thought – or rather, fodder for further research if you think it will work for you.

So how are you deciding which legal basis to use in future? Will it be legitimate interest, consent or one of the other options?

Subscribe me please!
The new GDPR (data protection) law says that after 25th May we can't email you unless you've specifically agreed. So please opt-in here if you'd like to stay in touch - even if you're already on our mailing list. Our privacy notice (at the bottom of the page) says how we use your information - but, in a nutshell, it's only to send you a newsletter every now and then with social media tips.
We hate spam. Your email address will most definitely not be sold or shared with anyone else.

Speak Your Mind

*


*