Comment by d1sxeyes

Comment by d1sxeyes 3 days ago

0 replies

View on Hacker News

What's 'legitimate' and what isn't is up for interpretation, but the question of whose interests is clear in the text of the GDPR itself, and it's the controller's (or a third party's) interests which could form the basis of lawful processing.

Interestingly, the GDPR specifically does not include 'benevolent' processing (i.e. processing for legitimate interests of the user) as a lawful basis.