Data Protection, Electronic and Privacy Law Blog

Keeping you up to date with plain language explanations of your obligations and liabilities under data protection law, electronic law and privacy law. With a touch of cybersecurity and trends like blockchain and quantum computing.

When I got to know the lovely Andrea Manning and Carmel Granahan from OnePageCRM - and had the craic with some failed audio on a live GDPR help webinar!

Performing a Legitimate Interest Assessment and using OnePageCRM

31 July 2018
Posted in: Data Protection and Privacy

I was recently asked by OnePageCRM to discuss GDPR and Legitimate Interest Assessments with them on a webinar - which I happily did. This is why.

GDPR Vendor Management

Third party vendor management, due diligence and platform auditing can pose a problem for smaller businesses.  Part of the work I do, especially on initial benchmark type audits, is to do a desktop audit of your vendors, inspecting their services and products and documentation publicly available and supplied to your business.  OnePageCRM is a local, Irish offering that a client of mine asked me to have a look at and when I did I was duly impressed with their apparent dedication to ensuring a GDPR compliant service for their customers.  Tip: first step in assessing a vendor is having a peek at their publicly available privacy information usually found in a privacy notice and terms they make publicly available.  

Their Team

Without OnePageCRM knowing the above, they contacted me to ask me to have a look-see in terms of being transparent and open about what they were offering.  I was offered a trial of the platform (yes, I know, I'm absolutely useless and still in fact do not have anything loaded because I need a time making machine and/or an assistant!!!) which was when I 'fessed up to having had a look already through a client.  Through this I got to know Andrea Manning and Carmel Granahan and my perception of 'apparent dedication' turned into an appreciation for their real and enthusiastic dedication to ensuring a GDPR compliant service for their customers.

Knowledge Sharing

If you know me in person (or online) you'll know that I am usually quite happy to share a bit of knowledge with you.  Complex situations require consideration and sometimes confidentiality so I will draw the line at some point when it comes to public sharing.  However, ask me on a webinar or podcast to teach a skill or implementation and I am happy to hop on and share.  Which is what I did here, with OnePageCRM, where we discussed how to perform Legitimate Interests Assessments correctly.  Have a read of what they have to say about getting GDPR ready and watch the webinar here.  As Carmel says: GDPR should be baked into your organization, not just the icing on the cake. Hear hear!

Note: OnePageCRM has not requested or endorsed this post and has not influenced it in any way.

If you need assistance with vendor or third party due diligence, legitimate interests assessments or doing an initial GDPR benchmark and gap analysis, get in touch as I would be delighted to help you.



Castletownroche, Co. Cork
Mon-Thu: 10h00-14h30

Contact Philipa

Phone: +353 (21) 234 8890
Mobile: +353 (83) 827 4889

Philipa Farley is an Association of Data Protection Officers Member ProPrivacy is a Cork Chamber Member ProPrivacy is a Mallow Chamber Member Philipa Farley is an Irish Computer Society Member Philipa Farley is a Business Analysts Association of Ireland Member Philipa Jane Farley is a Grow Remote Mallow Chapter Member

Philipa Jane Farley GPG Key - Fingerprint: 2D8E FAA6 B2C6 0754 D13B 2E7D 6A46 D9E6 F2F8 E7DE
ProPrivacy Consulting Limited (t/a ProPrivacy) CRO Reg: 628639 VAT: 3547299MH Registered Office: Bridgetown, Castletownroche, Co. Cork
© Copyright 2019 ProPrivacy Consulting Limited - All Rights Reserved