Search
Close this search box.
AI-based solution designed to automate personal data discovery and classification
Discover personal data across multiple systems in the cloud or on-premise
Turn data subjects request into an automated workflow with a clear insight into data every step of the way
Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation
Privacy portal allows customers to communicate their requests and preferences at any time
Introducing end-to end automation of personal data removal

Latest Blog posts

Learn the terms

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

Consent

What is consent?

Article 4(11) defines consent as any freely given, specific, informed, and unambiguous indication of an individual’s wishes regarding the processing of their personal data. Consent is one of the six lawful bases for data processing outlined in Article 6 of the GDPR, and its purpose is to give individuals control over their data.

Characteristics of consent

To be considered valid under the GDPR, consent must have several characteristics, including being given with affirmative action, being distinguishable from other matters, and being specific and granular. Additionally, the individual must be informed of the processing purpose, and there should be no influence or repercussions that can affect the individual’s choice.

It must be given with affirmative action, and processing purpose needs to be thoroughly explained to the individual.

  •  There should be no influence or repercussions that can affect an individual’s choice.
  •  It needs to be distinguishable from other matters
  • Consent can be given as a written statement, including the electronic form or oral form,
  • It needs to be given in an easily accessible form and clear and understandable language.
  • The data subject should be able to withdraw consent as easily as it was given without negative consequences for the data subject.
  • Consent should be an expression of the data subjects’ real choice.
  • Consent requires a positive opt-in, which means the methods of default consent are non-compliant.
  • Make sure it is specific and granular
  • Giving consent should not be a precondition for the service you provide

Consent should also be an explicit indication of the individual’s wishes, and the data subject should be able to withdraw consent as easily as it was given, without any negative consequences.

It must be given in an easily accessible form and clear and understandable language. It’s essential to note that consent cannot be assumed from silence or inaction, and pre-ticked boxes or implied consent are not considered valid under GDPR. Finally, giving consent should not be a precondition for the service provided.

All glossaries
  • All
  • A
  • B
  • C
  • D
  • E
  • F
  • G
  • H
  • I
  • K
  • L
  • M
  • N
  • O
  • P
  • R
  • S
  • T
  • U
  • V
Scroll to Top