Corporate news
CityFibre agrees sale of Lit Fibre ISP to its co-founders
1 November 2024
As the new GDPR legislation rolls into action today, many marketeers are now looking to ‘legitimate interests’ to justify their comms activity - but whilst this clause offers the most flexibility to use people’s personal data for marketing purposes it cannot always be assumed it is an appropriate way to justify your communications.
As the new GDPR legislation rolls into action today, many marketeers are now looking to ‘legitimate interests’ to justify their comms activity - but whilst this clause offers the most flexibility to use people’s personal data for marketing purposes it cannot always be assumed it is an appropriate way to justify your communications.
The law states that legitimate interests can be ‘your own interests or the interests of third parties and can include commercial interests, individual interests or broader societal benefits’. However the Information Commissioner's Office (ICO) says that if you choose to rely on legitimate interests, you take on extra responsibility for ensuring people’s rights and interests are fully considered and protected. The ICO also states that for direct marketing purposes, the right to object is absolute and you must stop with the communications if someone requests it.
Is my comms covered by legitimate interest?
To make answering this question easier the ICO advises that businesses apply a three-part test:
The ICO also recommends that businesses document the outcome of each assessment, this will make the process of demonstrating that legitimate interests apply much simpler if required to do so. This assessment is referred to by the ICO as an LIA (Legitimate Interests Assessment) and whilst these documents have no formal structure the ICO has created a template to support this best practice.
In summary there is no definitive answer as to whether legitimate interest will give you solid enough legal grounds for communicating with someone, however if the use of people’s data has been done in a way that is proportionate, there is minimal privacy impact and the recipients are unlikely to be surprised by your reason for contacting them, then you are likely to have a strong enough case.
The recommended three tests will give you a good sense of the case you have and if these provide significant enough doubt it is safer to look at other ways to market your message.
Have your say!
We want to hear your views on GDPR - Have you received all the guidance you need to help your business comply?
Related articles
Further information:
With network projects in over 60 cities and construction underway to reach up to 8 million homes
Corporate news
1 November 2024
Project Gigabit
24 October 2024
Partners
21 October 2024