Ad tech vendors using ‘legitimate interests’ card to declare themselves GDPR compliant

Ad tech vendors are using the smokescreen of 'legitimate interests' to declare themselves compliant to the upcoming GDPR, while not doing anything concrete to make themselves truly compliant.

Ad tech vendors do not have a clarity on how to obtain explicit consent before collecting data nor do they have plans in place to delete such data when requested, but erroneously believe they have sufficient legitimate interests to bypass compliance.

The upcoming General Data Protection Regulation will bring in stringent requirements for firms that store and handle data belonging to their customers. As per the upcoming regulation, firms will need to obtain explicit consent from customers before storing their personal data and will have to delete customer data whenever requested by customers.