Back to blog
A picture of a person explaining a book

What is GDPR? Part 5 – Right to object

FAQ

We’ve all been there—suddenly flooded with emails, advertisements, and pop-ups because somehow, somewhere, our data made its way into the marketing machine. But did you know that under GDPR, you have the right to say, “No, thank you”? This is called the Right to Object.

In this post, we’re going to break down what the Right to Object is, how it works, and why it’s important in keeping your data safe from misuse.

So, what is the Right to Object?

In a nutshell, the Right to Object gives you the power to tell companies to stop processing your personal data if you don’t agree with how they’re using it. This is especially important when companies are using your data for direct marketing, profiling, or processing that affects your legal rights.

If you exercise your Right to Object, companies generally have to stop processing your data right away, unless they can prove there are compelling reasons to keep using it. (Spoiler alert: for marketing purposes, they probably can’t.)

When does the Right to Object apply?

The Right to Object applies in a few different situations under GDPR. Here are the main ones:

  • Direct marketing: This one is a no-brainer. If a company is using your data to send you emails, texts, or other marketing communications, you can object and make them stop.
  • Profiling: If a company is profiling you based on your data—whether for targeted ads or other purposes—you have the right to object.
  • Public interest or legitimate interests: Companies can sometimes process your data based on what they call “legitimate interests.” If you feel that their interests don’t outweigh your right to privacy, you can object.

However, there are some exceptions. For example, if a company needs your data to fulfill a legal obligation or for scientific or historical research, your Right to Object might not apply.

Why is the Right to Object important?

The Right to Object gives individuals more control over their personal data and helps prevent companies from misusing it. It’s particularly important in the context of marketing. How often have you ended up on an email list you didn’t sign up for? The Right to Object lets you hit the reset button on that unwanted spam.

It also empowers you to take action if a company is using your data in ways you don’t agree with, giving you more say in how your personal information is handled.

Example: Unwanted marketing emails

Let’s say you bought something online, and now the company keeps sending you promotional emails about products you don’t care about. Thanks to the Right to Object, you can ask them to stop processing your data for marketing purposes. And guess what? They have to listen!

How to exercise your Right to Object

Exercising your Right to Object is fairly straightforward. In most cases, companies are required to inform you about your right to object, typically in their privacy policy or within marketing emails themselves. There should be an easy way to unsubscribe or stop receiving communications.

If you want to object to other types of data processing (such as profiling or legitimate interests), you’ll usually need to contact the company directly. They’re required to stop processing your data unless they can demonstrate a legal reason to continue.

Final thoughts: Your right to object is your power

The GDPR Right to Object is a powerful tool that puts you in control of your personal data. Whether you’re fed up with marketing emails or don’t agree with how your data is being used, you have the right to say, “Enough is enough.”

And remember, this isn’t just about hitting “unsubscribe”—it’s about protecting your privacy and making sure your data is handled responsibly.