To help comply with the GDPR, Actito offers a "Forms and Pages" module that list of bahrain whatsapp phone numbers includes as standard the historization of the context and legal notices at the time of collection. The Preference Center template is "ready to use" and includes all the information and granularity principles of consent collection required by the GDPR. By using these modules, you are sure to be able to demonstrate your good faith in the implementation of the principles of the GDPR, which you may be required to prove within the next two years.
The rules of consent
The GDPR is an undeniable game changer regarding consent in marketing, significantly strengthening it in certain areas, while remaining in line with the 1995 directive and the 2004 law (the one that introduced opt-in) on the fundamental principles.
As a reminder, the latter already stipulated the rules of consent:
" For the purposes of this Article, consent means any freely given, specific and informed expression of will by which a person agrees to personal data concerning them being used for direct marketing purposes. "
The GDPR defines consent as:
" Any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. "
We see that the language elements are very similar and that no fundamental changes have occurred on this particular point. In addition, the GDPR is explicit about the authorization to continue data processing activities on the basis of consents obtained previously. There is no need to consider that the entire consent collection process must be completely renewed by May 25, 2018.
As was already the case, consent therefore requires an active step by the person concerned. This action may be a written signature, an oral manifestation or a behavior from which one can incontestably conclude the will to have their personal data processed.
Consent must be free . That is to say, it must be able to be withdrawn at any time. In addition, it must be checked whether there was no coercion. For example, if the conclusion of a contract is subject to acceptance of the use of data for marketing purposes, consent is not free. This is also what opposes the use of pre-ticked boxes.
Consent must be informed , meaning that the person concerned must actually understand what happens to this data. To achieve this, the request for consent must be presented in a comprehensible and easily accessible form, and formulated in clear and simple terms. It will be necessary to adapt concretely to the target audience of the request for consent by avoiding jargon, complex formulations, etc.
Consent must be specific . The request for consent must therefore be granular; for each different purpose, a different consent must be requested. The request for consent cannot be drowned in the general conditions either. An example of a purpose: direct commercial prospecting
As we can see, the GDPR requirements in terms of consent are particularly strict, a greater amount of information must be communicated to the person concerned.
The following information must be provided as a minimum:
The identity of the data controller: information necessary to identify the controller and all persons likely to receive the data
The purposes of the processing: clear information, processing by processing, on what will be done with the data.
The processing activities that will be carried out: information processing by processing unless the processing operations are independent.
The right to withdraw consent at any time and how to do so
“Too much information can kill information”: drowning the data subject under information can lead to the opposite effect to that intended by the regulation. When obtaining consent, only relevant information should be communicated. The GDPR specifies that when consent is given electronically, the information must be provided in a concise manner and must not negatively impact the use of the service.
Proof of consent
