GDPR, Legitimate Interest & Recital 47

What does it all mean for marketers?

Before you go...

We don’t mean to brag, but our monthly newsletters are pretty damn good. They’re filled with useful information and how to's to help you grow your business. So do the smart thing, sign up below to get them in your inbox.

No spam, we promise!

GDPR has been giving data controllers, marketers and business owners the fear ever since it came into force across Europe on the 25th May 2018. However, thanks to a little known recital, namely recital 47, it’s not quite as scary as you’d think.

But, before we dive into what recital 47 means let’s have a quick recap.


What is GDPR?

Also known as the General Data Protection Regulation, it’s designed to protect personal data handled anywhere in the European Union (EU) and European Economic Area (EEA). Its aim is to give individuals control over the data companies hold on them and understand their rights about what the company can do with it.
Under GDPR, Data Controllers have to be clear about the type of information they collect and have justifiable reasons to hold it. This is generally outlined in something known as a Privacy Policy.

Within the Privacy Policy, Data Controllers must outline the following:

What data they collect
Why they collect it
What they use it for
How long it’s kept
Whether they share it with any third parties

As well as that, all data must have been collected with clear consent and be stored safely to ensure it’s not at risk of getting into the public domain.

Historically, companies were able to easily collect data by using opt-out forms. This was a fast and easy way to capture data as permission to collect was assumed, and most people didn’t realise they had to tick to opt-out. But, when GDPR came into effect that was no longer legal. Now, data can only be collected if a person actively chooses to opt-in. Not only that, any data previously collected using the opt-out model is now illegal and has to be deleted. This change meant that a lot of companies saw their marketing pots slashed when GDPR came into effect. It was a huge headache and an issue that saw your inbox flooded with companies asking for you to opt-in to stay on their mailing lists before the 25th May.

So What’s Recital 47?

It essentially says that if you hold data for someone which you don’t have categorical permission to hold, you are still able to use that data if you have a legitimate interest.

The only caveat is that the data can only be used in a way that the data subject could expect. For example, if you hold data for a father of two who has been a customer in the past, they could reasonably expect you to contact them to promote a family event. But they definitely wouldn’t expect you to contact them in relation to a ladies’ night featuring the current line up of the Dream Boys. Or would they?!

However, don’t take Recital 47 as a free pass to not bother obtaining consent when collecting new marketing data. The final line in the recital states “The processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest”. The term ‘may’ means that the recital is a bit ambiguous for marketing activities, so you’ll always be best off asking for consent before storing new information.

Registering with the ICO

And while we’re talking data, one thing that you may not realise is that if you hold and process data you should be registered with the Information Commissioners Office (ICO) and pay a data protection fee. There are three levels of fees which range from £35 and £2,900, but for most organisations, it will be £35 or £60 and all fees are VAT exempt.

There are some exemptions, and this link takes you through a short questionnaire to see if you need to register and if so, what fee you need to pay.

If you need a GDPR compliant privacy policy for your business, get in touch and we can get one written by our expert legal partners.
Plus, if you found this useful be sure to subscribe to our monthly newsletter below so you don’t miss our next articles.

From the Blog...

We periodically add useful and interesting content to our blog. Below is a selection of some of our most recent content and to get the latest posts in your inbox you can subscribe to our monthly newsletter. No spam, we promise!

The Pros & Cons of Using Online Website Builders
The Pros & Cons of Using Online Website Builders

They look like a great deal right?! Well, they can be, but they’re also not right for every business and there are some key things you should know before using one. We’ve compiled the pros and cons of using online website builders so you know the deal before you click that button.

read more