Legitimate Interest and the GDPR: a B2B Marketer's Guide
2018 was a huge year for B2B marketing. It’s the year that the GDPR took the industry by storm.
While there was a lot of confusion for businesses, a buzzword(s) of sorts emerged that put marketers at ease: Legitimate Interest.
What is legitimate interest? How do you apply it? And how can you ensure that your marketing is as GDPR-compliant as possible?
Easy. Just keep reading!
Our Head of Legal, Aksa Kalam, answered all of our questions below 👇
What is legitimate interest?
B2B marketing needs to be compliant. Legitimate interest is the most flexible of the GDPR’s lawful basis for processing.
“In legal terms, it’s where the processing of personal data is legitimate for the legitimate interests of the controller, or a third party.”
“In simple terms, it applies whenever an organisation uses personal data in a way in which the data subject would expect and which would have a minimal privacy impact.”
In B2B marketing, legitimate interest is one of the lawful bases for collecting and processing data. It allows you to prove the reasoning behind emailing your prospects based on their industry and job title.
There’s a legitimate interest in your product from these prospects as they’re in industry X or hold title Y.
In other words, legitimate interest could constitute an acceptable alternative to express consent or opt-in.
Why is legitimate interest important in B2B marketing?
The GDPR requires a lawful basis for processing data.
It applies whenever you’re processing data that means an individual can be identified (either directly or indirectly), even if they’re acting in a professional capacity.
Aksa explains exactly which parts of the GDPR marketers need to comply with:
“There are six available lawful bases for processing. You must confirm your lawful basis before you start processing personal data.”
“Two of these six bases are most commonly attributed to B2B marketing - they are consent and legitimate interest.”
What should be considered when marketing in Europe?
It’s important to remember that each country has its own regulations relating to the Privacy and Electronic Communications Regulation (PECR).
As marketers, you’ve got to have your fingers on the pulse with this.
Aksa told us:
“Despite having unified regulations in the EU, each country has its own regulations relating to PECR, which means that European marketers need to be aware of the varying regulations in different member states before carrying out marketing campaigns.”
“This can be challenging as some countries have a stricter approach to regulation than others.”
Does the GDPR replace PECR?
Although these regulations can be confusing, they must not be confused!
“GDPR does not replace PECR. Countries can have individual regulations relating to PECR, but they must meet the privacy standards outlined in the GDPR.”
Does legitimate interest apply to marketing calls AND emails?
Legitimate interest is not always appropriate for processing data and cannot be used as the default basis for your data processing.
PECR, however, applies to both marketing calls and emails.
What are the penalties for B2B marketers not complying?
Fines for failing to comply with the GDPR can be incredibly hefty!
Aksa told us:
“Enforcement action from regulators includes steep fines such as the £20M fine given to Experian in 2020, impact on internal procedures, and a loss of trust in the market.”
Ensuring that your data is compliant shouldn’t be an added headache for you and your team!
Cognism’s B2B data is fully compliant with the different laws within the 30 countries in which we operate.
Want to see the difference that our high-quality data can make to your business? Book your free demo at the link below 👇
The contents of this article are for the purposes of general awareness only. They do not constitute legal or professional advice. The content may have changed since this article was published. Readers should take appropriate professional advice for their own particular circumstances.