Since GDPR was finalised in 2016 and came into force in May 2018, personal data protection has become a major subject for businesses. The authorities have been implementing more and more detailed requirements that can have major financial impacts, sometimes reaching millions of euros, for the companies.
However, after considerable initial efforts to become compliant, maintaining personal data protection arrangements remains a challenge.
The choice of the legal basis for data processing is an example. Of the different options, legitimate interest is often used, but is it appropriate? It must be justified and reviewed with an evaluation of legitimate interest.
Our RBA team will present its approach around two specific themes:
- Moving from project mode to a management system
- Creating a Legitimate Interest Assessment (LIA)