GDPR – Legitimate Interest is your friend


Garages can continue to send MOT reminders to their customer base as long as they offer the customer the option to opt out in every email or text.

Author: Nona Bowkis
Reading time: 3 minutes

This article is 4 years old.

Read our disclaimer keyboard_arrow_down

This website content is intended as a general guide to law as it applies to the motor trade. Lawgistics has taken every effort to ensure that the contents are as accurate and up to date as at the date of first publication.

The laws and opinions expressed within this website may be varied as the law develops. As such we cannot accept liability for or the consequence of, any change of law, or official guidelines since publication or any misuse of the information provided.

The opinions in this website are based upon the experience of the authors and it must be recognised that only the courts and recognised tribunals can interpret the law with authority.

Examples given within the website are based on the experience of the authors and centre upon issues that commonly give rise to disputes. Each situation in practice will be different and may comprise several points commented upon.

If you have any doubt about the correct legal position you should seek further legal advice from Lawgistics or a suitably qualified solicitor. We cannot accept liability for your failure to take professional advice where it should reasonably be sought by a prudent person.

All characters are fictitious and should not be taken as referring to any person living or dead.

Use of this website shall be considered acceptance of the terms of the disclaimer presented above.

We are pleased to note that the ICO have now produced a document which confirms what we at Lawgistics have been saying for many months and that is that legitimate interest is a business friendly ground for processing data.

As we have previously advised, business do not need to jump through the consent hoops and reviews to continue to market to existing customers.  To reiterate, garages can continue to send MOT reminders to their customer base as long as they offer the customer the option to opt out in every email or text. Further, it is absolutely fine to take a customer’s details and call them back – no separate consent is required, the customer has called you and so is expecting a call back.

The trick to staying on the right side of legitimate interest is to consider the 3 part test which in plain English requires you to consider:

  1. why do you want to process the data in question?
  2. will processing the data help you achieve your purpose and is there a less intrusive way to achieve it? 
  3. would the data subject reasonably expect you to be using their data in this way? 

As examples:

An employer may ask for next of kin details from their employee so they know who to contact in an emergency. There is no need to ask the individual next of kin for their consent to hold their personal data as it is not unreasonable for such details to be held for health and safety reasons. There is no less intrusive way to be able to contact a relative after an emergency, the impact is minimal and only the Line Manager and Directors will have the details.     

A car dealer has a problem customer and seeks help from Lawgistics. The car dealer is entitled to seek specialist legal advice and only provides the customer data relative to the case. It is entirely reasonable for a business to seek advice and the customer’s details are looked after by Lawgistics who are GDPR compliant meaning there is minimal risk to the customer (except that they are likely to lose their case of course!).

The key is giving the matter some thought. If it can reasonably be justified, then legitimate interest is your ground of choice – much less hassle and for marketing to existing customers, more likely to keep your marketing list alive as asking for consent may well end up with a limited response.

So in summary, legitimate interest is your friend but like all good friendships, it shouldn’t be abused. 

Nona has published many legal updates on GDPR and will be conducting workshops at the forthcoming CarDealer Magazine Expo 2018.

Nona Bowkis

Legal Advisor

Read more by this author

Getting in touch

You can contact us via the form or you can call us on 01480 455500.