Legal basis

Legitimate interests

Legitimate interests is one of the six lawful bases for processing personal data. It applies when processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Controllers must carry out a three-part test: identify the legitimate interest, show processing is necessary, and balance it against the data subject's interests.

DPA reference

Data Protection Act 2020

Related terms in Legal basis

Lawful basis

The legal ground that justifies the processing of personal data under the DPA 2020.

Public task

A lawful basis for processing necessary to perform a task in the public interest or exercise official authority.

Vital interests

A lawful basis for processing necessary to protect someone's life.