• Partners
  • Investors
  • Press
Idlegcy-logoIdlegcy-logoIdlegcy-logoIdlegcy-logo
  • Home
  • Vision
  • Offering
  • Ecosystem
  • News
  • Contact
  • Home
  • Vision
  • Offering
  • Ecosystem
  • News
  • Contact

Ask for freely given, informed and active consent

Consent is one of the trickiest parts of the GDPR. Especially in practice when you start looking at it from a perspective of specific personal data processing activities whereby consent turns out to be the only or most appropriate legal basis for the lawful processing of personal data.

For consent to be informed and specific, the data subject (e.g. your customer or your employee) must at least be notified about the controller’s identity, what kind of data will be processed, how it will be used and the purpose of the processing operations as a safeguard against ‘function creep’. The data subject must also be informed about his or her right to withdraw consent anytime. The withdrawal must be as easy as giving consent.

The consent must be bound to one or several specified purposes which must then be sufficiently explained. If the consent should legitimize the processing of special categories of personal data, the information for the data subject must expressly refer to this.

 

GDPR Article 7 sums up the essential conditions regarding consent (to be valid). In a nutshell:

  • Consent needs to be freely given.
  • Consent needs to be specific, per purpose.
  • Consent needs to be informed.
  • Consent needs to be an unambiguous indication.
  • Consent is an act: it needs to be given by a statement or by a clear act.
  • Consent needs to be distinguishable from other matters.
  • The request for consent needs to be in clear and plain language, intelligible and easily accessible

So remember:

  • Make sure that consent is given freely and actively. Do not use pre-checked boxes on your webforms.
  • Carefully manage the consent lifecycle: from data collection and enabling data subjects to change or withdraw consent to deleting personal data. You can use specific software solutions for consent management like i.cntrl.it
  • Before looking to tools and solutions, you should have your consent mechanics in place: know where you need consent and what the consequences are for your organization in terms of personal data processing activities.

Want to read
more tips?

Subscribe
Want to read more tips?
Share this:

Related tips

Use adequate security measures for your data storage

Since the introduction of the GDPR legislation, we know that we cannot collect this data without permission. That is why we have provided our websites and our apps with well-written Privacy Statements and Cookie Policies. But even if we only store this data and do not use it immediately for direct marketing campaigns, the GDPR legislation still imposes some requirements.
Read more
Published by hein.bruggeman@idlegcy.com
11 June 2019
ID-legcy-foto

Show your photographer who agreed to be pictured

More and more people are really annoyed about the unconfirmed publishing of pictures. It’s not good marketing practice any longer to just move forward and publish-as-you-please.
Read more
Published by hein.bruggeman@idlegcy.com
31 May 2019
idlegcy-simple-data-export-common-format

Have your staff use the auto-lock feature on their smartphone

Via the smartphone of your collaborators, anyone can get access to their e-mail correspondence. This access is often less protected than the PCs and desktops they are using.
Read more
Published by atelier64
14 May 2019

IDLEGCY NV

Brussels West Office, Kastanjelaan 81
BE-9620 Zottegem
Company ID: BE-0686.716.547
logo idlegcy
© 2020 - Idlegcy NV, Kastanjelaan 81, BE-9620 Zottegem, company ID: BE-0686.716.547. Privacy statement. Cookie statement.
    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. Cookie policyOK
    Privacy & Cookies Policy

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
    Necessary Always Enabled

    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

    Non-necessary

    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.