OUR LATEST POSTS
Legitimate Interest as a Legal Basis for Processing – European Trends and Key Takeaways
Legitimate interest remains one of the most frequently used legal bases under the GDPR; however, supervisory authorities are scrutinising its applicability with increasing rigor. Through the lessons learned from dozens of cross-border cases, the new OSS Case Digest published by the European Data Protection Board (EDPB) demonstrates the criteria based on which European data protection authorities assess the existence of legitimate interest and the adequacy of the balancing test. In many respects, the decisions are consistent with the practice of the Hungarian National Authority for Data Protection and Freedom of Information (NAIH), and they also provide important guidance for Hungarian data controllers as to when reliance on legitimate interest as a legal basis for processing may be regarded as sufficiently substantiated. Our article presents the most important European trends and their practical implications for Hungarian businesses.
A Tiny Cookie – A Hefty Fine
In early September, the French data protection authority issued a precedent-setting decision: it fined Shein’s Irish subsidiary for serious violations of cookie and user consent regulations. The ruling goes far beyond a single fine and sends a clear message: cookie-related data protection rules must be taken seriously.











