What is “legitimate interest” and how does it apply to B2B email?

Legitimate interest is one of six lawful bases for processing personal data under GDPR. It's sometimes cited to justify B2B cold email, but it's not a blanket permission.

Using legitimate interest requires a three-part test:

Purpose test: What legitimate interest are you pursuing? Business development can qualify, but must be specific and genuine.

Necessity test: Is processing this personal data necessary to achieve that interest? Could you achieve the same goal another way?

Balancing test: Do the individual's rights and interests override your legitimate interest? Consider the nature of the data, expectations of the individual, and potential impact on them.

You must document this assessment (Legitimate Interest Assessment or LIA). Stating that you want more customers isn't sufficient.

For B2B email specifically:

Relevance matters: contacting someone about topics clearly related to their professional role is more defensible

Volume and frequency factor into balancing

Recipients must still be informed and have opt-out rights

Legitimate interest is not the same as sending whatever you want. It requires genuine analysis and documentation.