PEOPLE CENTRIC CONSENT MANAGEMENT
There are many different ways an organisation can handle Consent Management. But digital front runners are the ones shifting from a technical infrastructure role mindset to a customer centric approach.
With GDPR requirements coming up, the pressure on CDO’s and DPO’s is building up.
While the whole world is talking about Digital Transformation and all the consequences related to data privacy and data protection, some are pushing forward to develop and release tangible solutions.
This Consent Management Pop Up- based on the GDPR ICO Consent Guidance requirements -is such a solution.
With the responsibilities and needs of a DPO in mind, we developed a flexible tool that incorporates the three most relevant perspectives: the rights of data subjects; organisational control and processing and legislative compliance. Read the story behind it.
How does this work?
Who will benefit?
Individuals have real choice and control over how their data is used
GDPR compliancy. Build customer trust and engagement, and enhanced reputation
Instant, governed data-driven logistics for trusted relationships with their customers and increased ROI
Key consent requirements
When developing the solution, we took into account the key consent requirements emphasized by the GDPR ICO Consent Guidance.
• Unbundled: consent requests must be separate from other terms and conditions. Consent should not be a precondition of signing up to a service unless necessary for that service.
• Active opt-in: pre-ticked opt-in boxes are invalid – use unticked opt-in boxes or similar active opt-in methods (eg a binary choice given equal prominence).
• Granular: give granular options to consent separately to different types of processing wherever appropriate.
• Named: name your organisation and any third parties who will be relying on consent – even precisely defined categories of third-party organisations will not be acceptable under the GDPR.
• Documented: keep records to demonstrate what the individual has consented to, including what they were told, and when and how they consented.
• Easy to withdraw: tell people they have the right to withdraw their consent at any time, and how to do this. It must be as easy to withdraw as it was to give consent. This means you will need to have simple and effective withdrawal mechanisms in place.
• No imbalance in the relationship: consent will not be freely given if there is imbalance in the relationship between the individual and the controller – this will make consent particularly difficult for public authorities and for employers, who should look for an alternative lawful basis.