GDPR / Apr 22, 2026

GDPR Legal Basis Examples for Product Teams

Examples of how SaaS teams can think about consent, contract, legitimate interests, and legal obligation in privacy notices.

GDPR legal basis examplesArticle 6 GDPRprivacy notice examples

Contract is not a shortcut for everything

Contract may fit account creation, billing, and core service delivery, but it often does not fit marketing analytics or optional tracking.

A strong policy avoids stretching one legal basis across unrelated purposes.

Legitimate interests need context

Security logging, fraud prevention, and basic service improvement may rely on legitimate interests, but the text should still explain the interest and the balancing logic in plain language.

Turn this into a check

Normio separates GDPR readiness findings from third-party disclosure gaps, so legal and product teams can fix the right issue without losing the thread.

Explore GDPR tool