Holli25@slrpnk.nettoFree and Open Source Software@beehaw.org•Does a FOSS App need TOS and Privacy Policy?
3·
11 months agoJust a quick note for the Privacy Policy, Data Processing Agreement and Cookie Policy: this EU law (GDPR) and is mandatory for all EU states. So its not specific to Germany.
Legitimate interest is a way for the vendors to not need your confirmation. In general, your right to privacy is valued against the vendor’s right to operate. The most often used example is advertisement: in general, vendors are allowed to advertise, as they want to operate and sell their products. But you have a right to your data (e.g. mail adress, home adress, interests…). So courts have to value what is more important. Another example that most people would agree is that clubs want to show what happens in the club, so they publish pictures from their activities (interest of club to show they are active vs personal right to your image). As not every case goes to court, most vendors see their interest as more important and interpret “legitimate” interest rather loosely. So in general, the idea of legitimate interest is compliant with the GDPR, although I believe most sites use it too liberal.