EU General Data Protection Regulation and User Consent Management

Management Summary

On May 25, 2018, the EU General Data Protection Regulation (GDPR) comes into force. This regulation is a milestone for companies and forces them to fundamentally rethink how they handle customer data. The central questions - how customer data is collected, stored and used - must be clarified in every company and implemented in accordance with the law.

User Consent Management helps you to handle customer data in accordance with the rules and thus create the necessary compliance.

What is meant by user consent management?

One of the most demanding requirements of the General Data Protection Regulation is that a company must obtain the consent of end users before receiving or transferring their personal data.

From implicit to explicit consent

Consent to the use of customer data is already necessary, but the GDPR fundamentally changes the type of consent required from the customer.
We are talking about a change from implicit consent to explicit, purpose-specific consent.
Explicit means concrete, so pre-filled checkboxes as consent to the use of the data, for example, are a thing of the past. The GDPR requires “a declaration or a clear consenting action” from the customer.

Explicit and specific consent

Purpose-specific means that only data that is clearly related to the action/service may be recorded. For example, sending reminders in the form of text messages to a customer’s phone is a legitimate purpose for retrieving and storing the customer’s phone number. Querying and storing the telephone number for downloading a PDF manual does not serve a specific purpose and is therefore not permitted.

Data viewing and change options

In addition, the GDPR requires that customers must be able to view and change their consent settings at any time. For example, a customer who has consented to the use of their last name must be able to revoke that permission at a later date. Of course, this change must then take effect in all (automated) marketing channels and be stored in the individual system databases. For example: If your CRM has removed the last name, but your email delivery system still sends a personalized email, this violates GDPR.

Logging and harmonization throughout the database structure

All these consents and changes must be recorded in a comprehensible and clear manner (time and type of change). Specifically: Every explicit, purpose-specific consent of the customer (user consent) must be clearly recorded in the customer database (time and type of consent) and must be traceable.

One thing is clear: this new situation requires new, comprehensive processes in user consent management and corresponding user consent management tools for the legally compliant processing of the collected data.

We offer you support in the conception and implementation of the optimal user consent management tools to keep your website and your digital marketing campaigns compliant with GDPR! You can find all the information about our solution here:
User Consent Management for GDPR Compliance

e-dialog office Vienna