Legitimate Interests Assessment (LIA)

UK GDPR Article 6(1)(f) · Document version 1.0 · Last updated: 11 May 2026

Scope. This LIA covers the processing of personal data belonging to third-party senders and recipients of email — i.e. people who have corresponded with an Azindoo user, but who have not themselves signed up to Azindoo. The processing of the user’s own personal data is covered by Art. 6(1)(b) (performance of contract) and is out of scope here.

1. Purpose test — is there a legitimate interest?

Yes. Azindoo’s legitimate interest is to deliver the email-intelligence service the user has contracted for. Without processing inbound and outbound third-party correspondents’ email content, we cannot:

Detect commitments the user owes or is owed.
Reconstruct decision timelines or surface knowledge nodes.
Provide regulatory or data-protection exposure warnings.
Power the trust graph or reply-probability features.

The user has a corresponding legitimate interest in obtaining intelligence over their own inbox. There is also a wider public interest in helping individuals manage information overload, identify regulatory risk and prevent miscommunication.

Purpose test: PASS

2. Necessity test — is the processing necessary?

Alternative considered	Why rejected
Process only the user’s outbound emails	Eliminates the unified-memory, escalation-radar and decision-drift features that depend on understanding the conversation as a whole. Half-feature would mislead users.
Obtain affirmative consent from every third party	Manifestly impossible at scale (millions of senders) and disproportionate — Art. 14(5)(b).
Strip names & identifiers before AI analysis	The product is fundamentally about who said what; redaction destroys utility. We do, however, keep all analysis siloed per user.
Local-only on-device processing	Considered, not viable today: model size, mobile use cases, cross-device sync.

Necessity test: PASS

3. Balancing test — do the third party’s rights override our interest?

Reasonable expectations

A reasonable sender expects the recipient to read, store, search, forward, archive and use third-party software to manage the message. Using an AI assistant to triage one’s own inbox is a modern extension of the same expectation. We do not: (a) sell the content, (b) use it for advertising, (c) train AI models on it, (d) share it with other Azindoo users, or (e) expose the third party’s data to anyone outside the original user’s account.

Impact on the third party

Low. The processing is invisible to the original conversation, does not alter the email, does not result in any contact with the third party, and is bounded to the user’s private workspace. The most significant risk is incidental special-category data exposure, mitigated by the controls in our DPIA.

Safeguards

Read-only Gmail scope (gmail.readonly) — no modification or sending.
30-day import window and 100-message cap per sync.
Application-layer encryption for OAuth tokens.
TLS in transit; server-side queries only.
Easy and free right-to-object route at [email protected] — we respond within 30 days and will delete or block processing of the objector’s data on request.
Every user can delete imported emails and analytics with a single click in Settings.
Transparency: this LIA is public; the Privacy Policy §9 specifically addresses third-party data.

Balancing test: PASS — with safeguards.

4. Outcome

We may rely on Art. 6(1)(f) legitimate interest as the lawful basis for processing third-party personal data inside the user’s connected inbox, subject to the safeguards above and to the Art. 14(5)(b) disproportionate-effort exemption for direct notice.

5. Review

Reviewed every 12 months, immediately on launch of any new AI module that materially changes the processing, and after any objection that we decline. Owner: founder, with sign-off from external counsel on next review.