Re: GDPR Legitimate Interest

Completely agree with these opinions.  If a data vendor is selling people's names to you, then it is not GDPR compliant.  Legitimate interest, from my understanding, means that the person has requested information about one of your products (and even there it can be a gray area) or has submitted themselves to be marketed by your database and has been provided information about your company's privacy policy.  

Just say no to buying lists, especially with GDPR.  

This is strictly my opinion.  To be certain, please consult with your legal team.  I am neither a lawyer or a legal expert  

Hi Chris,

In my previous statement though I am suggesting/questioning that even Marketo themselves is taking a position that they would be OK to find a person (let's say CMO of X company) who has not "requested information about one of your products" and could qualify based on their role and the company begin demographically fit for their offering, that legitimate interest is met. They could then market to that person (sales outreach, nurture) regardless of them providing explicit consent. That's how I am reading their policy. Your thoughts?

I concur with what Nik says.  GDPR (and other data privacy laws) are intended to protect individuals' privacy and as such, third-party name purchases fall outside these boundaries.  

As a fellow Marketo admin, please don't purchase names from third parties to send emails through Marketo.  It puts all of us (especially those of us on shared IPs) at risk.