Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ThierryN
Newcomer I
‎12-04-2017 04:45 AM
‎12-04-2017 04:45 AM

GDPR and business emails...

Dear all, 

 

Email related info are considered by the GDPR as being personal data.

So there must be a legal base to guarantee the processing of them is legal.

I do not imagine the consent of the data subject being this legal base…

 

How would you then handle this ? Legitimate interest ?

 

Thanks,

Thierry

 

Reply
0 Kudos
2 Replies
Laurie-Anne
Newcomer I
‎12-04-2017 06:37 AM
‎12-04-2017 06:37 AM

Hi,

 

You can use the contract basis, as long as use of the email is required for the individuals to perform their work.

You should, however, ensure that you have some kind of acceptable use policy that explain to your users what what authorized use of their email for personal reason is. You also need to explain them any other processing of their emails (anti-virus scan, for example (here you can use the legitimate interest)).

 

Note, that consent from employees will most of the time not be considered as free; so not compliant.

Reply
flyingboy
Newcomer III
‎12-04-2017 09:21 AM
‎12-04-2017 09:21 AM

There is 2 sides to this. If I provide you my business contact information (eg. email address) for business purposes and I obtain email enquires or proposal on company matters, that is legitimate interest. However, I start receiving propositions on personal health or financial products, the use of previously collected data is not allowed.

Reply