What is ‘legitimate interests’ in GDPR?

GDPR Legitimate Interests
GDPR Legitimate Interests

As per Article 6(1)(f) under the GDPR
“1.Processing shall be lawful only if and to the extent that at least one of the following applies:

(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.”

GDPR provide “legitimate interest” as a legal basis for using the personal data without obtaining containing, and GDPR does not have the list of purposes which are likely to constitute an legitimate interest. However, following activities/purposes may constitute a legitimate interest:
1. to ensure information security;
2. for fraud prevention; or
3. indicating possible criminal acts or threats to public security.

So if you are processing personal data for one of the above purposes then the legitimate interest basis applies.

GDPR Legitimate Interests Article 6(1)(f)

GDPR Legitimate Interests Article 6(1)(f)

You may also like...

Leave a Reply