Blog

Posts tagged with "Data"

Posted in: 0 Comments

Average Rating:
Bookmark and Share
Follow us on Twitter

What is Legitimate Interest, and does it affect you?



The EU General Data Protection Regulation, otherwise known as GDPR is a hot topic at the moment, with thousands of businesses across the UK currently adapting their data protocol in time for the changes coming into play in May 2018. For tech companies, users and consumers are vital for business, so you’re more than likely to be affected by GDPR.

‘But I process data for the greater good!’ we hear you cry. ‘I have to process client data, otherwise how will they know about the company?’ is another common worry.

The legitimate interest clause – which is currently going somewhat under the radar – is providing tech businesses with some security amidst the confusion.

The clause, one of the six lawful grounds for data processing in Article 6.1 of the GDPR states:

[Processing is] necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject

There are some examples where legitimate interest may apply – risk assessment, for direct marketing purposes, existing relationships (agency and client, for example) – but for those working in tech, certain areas are particularly pertinent:

Personalisation

Personalisation is key in many digital marketing campaigns and today, is expected by users. However, under the new GDPR rules, personalisation as we know it will be heavily controlled and marketers will need to have evidence that they have permission to target their users with marketing and comms. The legitimate interests clause within GDPR however, means companies can justify using analytics to personalise website content for each user. It is argued providing a better UX is in the user’s best interest, and therefore particular elements of personalisation may not be liable to GDPR.

Web analytics

As a company centred on technology development and innovation, web analytics are pivotal to your business success. So good news, you can happily use diagnostic analysis to track visitors, posts, user journey and social media metrics to advise future marketing campaigns without fear of a fine under GDPR. This information must be used for business intelligence. Cookie consent, however, is a different matter so make sure you’re clear on the difference.

Artificial Intelligence

Many websites use artificial intelligence to provide a quick, improved UX. Netflix provides tailored film choices, dependent on previous viewing history; Siri uses data stored in a device to answer questions, all using AI. Certain elements of AI do not fall under GDPR and many companies will not need to change their processes to facilitate this. It’s more a case of what you do with the data after this stage so be clear on what applies to you and what doesn’t.

While legitimate interest can provide some reassurance, it is important that companies understand GDPR, what it is and how to best implement processes to protect your company. If the groundwork isn’t put in before the 25th May 2018, when GDPR comes into effect, the consequences to your business could be catastrophic.


Tagged with: Data, GDPR, tech