Hi privacy pros
Great to see a new forum for privacy matters popping up!
Let’s say company A sells a division of its business to another company B (both companies are EU based). This includes taking over some employees. It is my understanding that an employee’s emails on their company mailbox have to be treated very carefully since the employee’s fundamental rights to privacy apply.
I am now wondering in how far company A may transfer mailboxes of employees and archives of former employees containing still partially business relevant emails may be transferred to company B.
What’s the best way of tacking this issue in your view? In particular curious about:
1. Can company A use its legitimate interest to transfer those emails as part of the whole business transfer to company B and just transfer them automatically?
2. If consent is the correct legal ground, should the companies leave this up to each employee to export and import their own mailbox at their own willingness (to not risk obtaining invalid consent due to the imbalance in the employer-employee relationship)?
3. Anything else to keep an eye out for?
Thanks in advance for your valuable insights!