Documentation

Table of Contents

GDPR opt in: How to collect consent on mobile

Is opt-in consent necessary under the GDPR? How do you go about setting up a GDPR opt-in for mobile? In this post we’ll show you step by step, the correct way to set up, and some tools that can help.

In short:

gdpr opt in

Does GDPR require double opt-in?

Double opt-in is a method of obtaining consent where a user must confirm their subscription or agreement by responding to a confirmation email or clicking a confirmation link. While double opt-in is not a requirement of GDPR, it can provide additional evidence that consent has been obtained and can help demonstrate that the consent was informed, unambiguous, and freely given.

Yes, opt-in consent is necessary for certain processing activities carried out by mobile apps. Generally, things like direct email advertising and cookies will require opt-in consent. These two scenarios will require different tools to help you comply.

We’ll start with email consent forms first, but you can click here to jump to the section on cookies.

🔎
Looking for a simple and compliant way to manage consent for newsletter subscriptions?

Try our Newsletter Opt-in Booster 👉 it adds a customizable signup form to your site, allowing you to collect and manage consent through a double opt-in process for a more engaged and responsive audience.

Activate now

Collecting GDPR opt-in consent to direct email marketing:

Under the GDPR, your users that you sign up to your mailing list should have the following:

  • The opportunity to give their informed consent. Users should be informed of the reasons you’d like their email address and the kind of emails they can expect to receive (e.g. third party advertisements).
  • The ability to opt in to the consent rather than opt-out. Pre-ticked checkboxes are forbidden.
  • The ability to give granular consent. Separate consent must be collected for separate purposes. example of correct gdpr email consent collection form vs incorrect
  • The ability to withdraw their consent after it’s been given. This option should be visible and easy to identify. A popular approach is to include an “unsubscribe” link in the footer of all your email communications.

đź‘€ Opt-In vs. Opt-Out

Under the GDPR you should have the following:

You can read more about setting up email/ newsletter lists under laws like the GDPR and the US’ CAN-SPAM Act here.

đź‘€ Opt-In vs Opt-Out in Email Marketing

Collecting opt-in consent for cookies

Here’s how to collect opt in consent for cookies on mobile apps:

Make sure that you have a banner visible on your app at the user’s first visit

The banner should:

  • inform users of any cookies that your app uses;
  • disclose the users’ rights in regards to the cookies (they have the right to refuse consent or withdraw it after it’s given);
  • link to a cookie policy that explains in detail the purpose of the various categories of cookies and the third-parties involved; and
  • to ask for the user’s consent before running those cookies in the first place.
🍪
More on cookie consent

To get a more detailed understanding of the law that governs cookie consent and read answers to frequent questions around this topic, check out this article:

👉 How Must I Manage Cookie Consent in Order to Be Compliant

Block any scripts that could run non-exempt cookies

Because informed opt-in or prior consent is required under the GDPR and ePrivacy (Cookie Law), you’ll need to make sure that you’ve set up a mechanism that block non-exempt cookies until the user has given consent via an affirmative action such as clicking and “Accept” button.

This is where our Privacy Controls and Cookie Solution comes in. With a few short clicks it lets you:

  • easily inform users via cookie banner and a dedicated cookie policy page (which is automatically linked to your privacy policy and integrates what’s necessary for cookie law compliance);
  • obtain and save cookie consent settings;
  • preventively block scripts prior to consent.
iubenda Cookie Solution configurator screen opt-in consent

Get started for free for up to 1K page views per month (no payment info required), with affordable paying plans available for sites that have more monthly traffic. You can start generating for your mobile site in minutes using the button below or email us at info@iubenda.com to access the Privacy Controls and Cookie Solution mobile SDK (available as a native component for iOS and Android).

Ready to take control of your website’s cookie consent?

Streamline your compliance with privacy laws using the Privacy Controls and Cookie Solution!

Generate a professional cookie banner and manage cookie consent with ease

See also

About us

iubenda

Cookie consent management for the ePrivacy, GDPR and CCPA

www.iubenda.com

Still have questions?

Attend one of our free webinars Email us Live chat