Legitimate Interest Assessment
If, while onboarding a new Business Process asset you select Legitimate Interest as the legal basis for processing personal data, you have to perform a legitimate interest assessment, also referred to as a balancing test.
The purpose of this assessment is to ensure that processing is necessary for the purposes of the legitimate interests pursued by the Controller or Third Party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require protection of personal data.
The following are example processes for which Controllers can use Legitimate Interest as a legal basis:
- Direct marketing.
- Credit risk assessment.
- Fraud prevention.
- Network and information security.
- HR management.