Skill

legalcode-legitimate-interest-assessment

Conduct a three-part Legitimate Interest Assessment (LIA) under GDPR Art. 6(1)(f), UK GDPR, and Swiss FADP (nDSG). Use when evaluating whether a controller's legitimate interest can lawfully ground processing under the Purpose test (is the interest lawful, clearly articulated, real and present?), the Necessity test (is processing strictly necessary and proportionate?), and the Balancing test (do controller interests outweigh data subject rights?). Also use when documenting LIA records for supervisory authority review, assessing direct marketing, fraud prevention, employee monitoring, profiling, intra-group transfers, network security, or any other processing relying on Art. 6(1)(f). Covers UK Recognised Legitimate Interests (DUA Act 2025) and Swiss Art. 31(1)(b) FADP overriding private interest. Produces a structured, auditable LIA documentation package with GREEN/YELLOW/RED per-test classification, APPROVED/CONDITIONAL/REJECTED overall outcome, remediation plan, and Glass Box audit trail.