It's also good to keep in mind that GDPR is not the only compliance issue you have with purchased data.
Just say no to buying lists, especially with GDPR.
This is strictly my opinion. To be certain, please consult with your legal team. I am neither a lawyer or a legal expert
In my previous statement though I am suggesting/questioning that even Marketo themselves is taking a position that they would be OK to find a person (let's say CMO of X company) who has not "requested information about one of your products" and could qualify based on their role and the company begin demographically fit for their offering, that legitimate interest is met. They could then market to that person (sales outreach, nurture) regardless of them providing explicit consent. That's how I am reading their policy. Your thoughts?
I concur with what Nik says. GDPR (and other data privacy laws) are intended to protect individuals' privacy and as such, third-party name purchases fall outside these boundaries.
As a fellow Marketo admin, please don't purchase names from third parties to send emails through Marketo. It puts all of us (especially those of us on shared IPs) at risk.