How does GDPR consent requirement affect your marketing activities? Do you always need consent under the GDPR?
In this post, we’re going to shed some light on this topic and give you practical advice on how to collect GDPR consent for marketing.
GDPR requires that organizations have a lawful basis for processing data. One such basis is consent, which according to the GDPR has to be explicit and freely given:
freely given, specific, informed and unambiguous
So, the mechanism for acquiring consent must be unambiguous and involve a clear affirmative action.
You’ll likely need consent for all your marketing activities.
For example, if you’re sending out a newsletter, you can’t do it unless the user has agreed to receive it.
Moreover, given the latest guidelines on cookies in many European countries, you’ll also need explicit consent when processing data through cookies.
First, it means that leads, customers and partners need to physically confirm that they want to be contacted. For example, pre-ticked checkboxes or any other type of consent by default are not allowed.
The regulation also gives a specific right to withdraw consent; it must, therefore, be as easy to withdraw consent as it is to give it.
Then, you need to be able to prove that you’ve collected consents lawfully, in a way that’s GDPR-compliant.
iubenda can help you with every aspect of consent:
Compliance solutions for websites, apps and organizations: collect GDPR consent, document opt-ins and CCPA opt-outs via your web forms.