EDPB’s Guidelines on Legitimate Intesrest

Recently, the European Data Protection Board (“EDPB”) adopted Guidelines 01/2024 on processing of personal data based on Article 6(1)(f) GDPR (processing based on legitimate interest).

Legitimate interest is one of the lawful grounds on which personal data can be processed. Its flexible nature makes it quite hard to actually apply appropriately in real life even though it is one of the most commonly used grounds. These Guidelines analyze the criteria set down in Art. 6(1) (f) GDPR that controllers must meet to lawfully process personal data on the basis of legitimate interest. It also takes into consideration the recent ECJ ruling on this matter (C-621/22, 4 October 2024).

The Guidelines will be open to public consultation until 20 November 2024.

Access via link: https://www.linkedin.com/posts/vietnam-data-protection_edpb-guidelines-012024-ver-10-activity-7251417347742179328-XHfJ?utm_source=share&utm_medium=member_desktop

PrivacyCompliance prides itself on its team of experts having achieved numerous internationally recognized certifications such as CIPM, CIPP/E, CISA, CISM, CRISC®, ISO27001 Lead Auditor, etc. With tried-and-tested knowledge and capacity, PrivacyCompliance is confident in being able to provide in-depth and comprehensive solutions on personal data compliance and protection.

Privacy Compliance

IN-HOUSE DPO VS. OUTSOURCED DPO – WHICH SOLUTION SAVES COSTS AND ENSURES COMPLIANCE?

💥 IN-HOUSE DPO VS. OUTSOURCED DPO – WHICH SOLUTION SAVES COSTS AND ENSURES COMPLIANCE? 🔒 Decree No. 13/2023 and the Draft Law on Personal Data Protection require all businesses to appoint a Data Protection Officer (DPO). The draft law explicitly gives businesses the right to choose between appointing an internal DPO or engaging […]

Learn more

Privacy Compliance

THE DPO AND A CULTURE OF DATA PROTECTION – THE KEY TO BUILDING LASTING TRUST

🌟 THE DPO AND A CULTURE OF DATA PROTECTION – THE KEY TO BUILDING LASTING TRUST In the digital age, personal data is both a valuable asset and a vulnerable one. That’s why the role of the Data Protection Officer (DPO) goes beyond legal compliance—it serves as a foundation for embedding a strong culture of […]

Learn more

Privacy Compliance

WHICH BUSINESSES ARE REQUIRED TO APPOINT A DATA PROTECTION OFFICER (DPO)?

Here is the English translation of your content, localized for clarity and professional tone: 🔒 WHICH BUSINESSES ARE REQUIRED TO APPOINT A DATA PROTECTION OFFICER (DPO)? 👉 Under Decree No. 13/2023/NĐ-CP, any organization that processes sensitive personal data—such as health information, biometric data, financial data, religious beliefs, etc.—is required to appoint a Data Protection Officer […]

Learn more

Cookie name	Type	Description	Expiration
cookie_consent	First Party	Remembers user’s cookie preferences (e.g., which types of cookies you accepted or declined) so that these settings are applied on future visits	12 months
pll_language	First Party	Stores the user’s language preference to display appropriate content	12 months

Cookie name	Type	Description	Expiration
_gcl_au	Third Party	Cookie used by Google AdSense to evaluate advertising effectiveness across websites	3 months
test_cookie	Third Party	Cookie used by DoubleClick (Google) to check if your browser supports cookies	15 minutes
IDE	Third Party	Cookie used by DoubleClick (Google) to store details about how the end user interacts with the website and ads they may have seen before visiting	12 months
ad_user_data	Third Party	Cookie used by Google to determine whether the user has consented to the use of their data for advertising purposes, including audience segmentation	13 months
ad_personalization	Third Party	Cookie used by Google to store user preferences related to personalized advertising, enabling more relevant ad delivery	13 months

EDPB’s Guidelines on Legitimate Intesrest