Elyzium is GDPR ready…
Article 6.1 of the General Data Protection Regulation defines six legal grounds for processing and using personal data. These are:
- Consent of the data subject.
- Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract.
- Processing is necessary for compliance with a legal obligation.
- Processing is necessary to protect the vital interests of a data subject or another person.
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
- Necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject.
Should Elyzium send a business-related email to a contact without their prior opt-in consent, then it is because we believe that in doing so it is in the legitimate interest of both parties:
- For Elyzium, the legitimate interest is in wanting to form a business relationship with the data subject’s organisation, and ultimately grow our revenues.
- For the data subject, we believe they have a legitimate interest in hearing from Elyzium for the following reasons:
- We already hold a relevant and appropriate relationship with the data subject – i.e. the data subject or the organisation which employs them is already an Elyzium stakeholder.
- The business content of our emails relates specifically to the data subject’s organisations’ IT infrastructure. For example, we are advising them about a new version of software in use at their organisation or inviting them to an upcoming user event.
- We believe that the information contained within our emails could lead to cost and efficiency gains for their organisation.