How to create GDPR compliant forms

If your business is based in Europe, or you process the personal data of individuals in Europe, the GDPR affects you. When relying on consent as your legal basis for processing, the GDPR says the consent has to be freely given, specific, informed, and unambiguous.

Let’s see how you can make sure you’re earning consent in the right way with these actionable tips and form examples.

Use clear and straightforward language

If your users are not able to understand exactly what they’re signing up for, they cannot give informed consent. Avoid complex phrasing when explaining reasons for consent: specify why you want the data and what you’re going to do with it in “plain English”.

Give the name of your company

Don’t forget to clearly name your organization and any third parties relying on the user’s consent. 

Avoid pre-ticked checkboxes

Your mechanism for acquiring consent must involve a clear affirmative action: pre-ticked checkboxes or any other type of consent by default are not allowed.

Separate consent requests from terms and conditions

Consent should be specific to a particular activity in order to be considered valid: when you ask for consent, this needs to be separate from other terms and conditions.

Make it easy to withdraw consent

Users have the right to withdraw their consent at any time and without detriment, and you should clearly tell them where and how to do it. Never hide your unsubscribe button.

Keep valid records of the consent collected

The GDPR not only sets the rules for how to collect consent but also requires companies to keep a record of these consents. Without these records, the consent you collect is considered invalid. Your records of consent should include:

  • when and how consent was acquired from the individual user;
  • exactly what the user was told at the time; and
  • which conditions/legal documents were applicable at the time at which the consent was acquired.

Our Consent Database simplifies this process by helping you to easily store proof of consent and manage consent and privacy preferences for each of your users. It smoothly integrates with your consent collection forms, syncs with your legal documents and includes a user-friendly dashboard for reviewing consent records of your activities.
