Obtaining consent is one of the conditions of lawfulness for the treatment of personal data established by the new European Data Protection Regulation. How are you going to obtain it?
In Signaturit we have developed four solutions that allow us
to obtain evidence that consent has been obtained under GDPR.
It is a script that can be integrated into any web page or application.
When a person fills in the form to give consent on the processing of their personal data, Signaturit will save that record, as well as the terms and conditions accepted by the data subject at the moment of clicking on the "Accept" button.
Use cases: the acceptance of cookies, or the acceptance of the general terms and conditions of a company.
Script + authentication factor: we validate the consent through an OTP or a temporary validation code delivered via SMS or email.
In both cases, in addition to collecting the same data as in the Basic eConsent solution, we also have the email and/or mobile number of the data subject. This information offers a higher level of confidence when identifying the data subject.
Use cases: the renewal of consents which have been already granted, transfer of personal data to third parties for marketing purposes, consent for publishing personal data on online marketplaces (i.e. Airbnb).
With the Advanced eConsent solution we can uniquely identify the person who gives consent. To do this, the data subject is invited to sign the consent on their smartphone, tablet or computer with our advanced electronic signature.
Through our advanced electronic signature we collect a series of data from the context in which the signature is made as well as information regarding the signature stroke: which is the biometric data of the data subject.
Use cases: cases in which the personal data to be processed falls into a special category, to accept conditions that include data transfers outside the EU, or in the case of automated individual decision-making, including profiling.
This solution adds one more step with respect to the Advanced eConsent: it is about requesting the data subject that, in addition to signing the content of the consent, he/she attaches a photo of their ID card or passport.
In this case, in addition to collecting the same information as that of the Advanced eConsent, we verify the authenticity of the identity document, thanks to our OCR technology. With this solution, we reinforce the information about who gave consent.
Use cases: cases where companies are obliged by law to check the age of the data subject: online sellers of alcoholic drinks, online gambling, etc.
Fundamental concepts to understand what consent is in the context of the new European Data Protection Regulation.
The General Data Protection Regulation (GDPR) is a new European data protection law that will be fully applicable throughout the European Union as of 25th May 2018
The new GDPR affects any company, established in the EU or not, that stores and/or processes data of residents of the European Union.
Consent is one of the conditions of lawfulness established by the GDPR for the processing of personal data. As defined in the Regulation, consent must be free, specific, informed and unambiguous.
The adjective "unambiguous" requires that the data subject accepts the treatment with a clear affirmative action, which can be done by electronic means.
In certain cases, in addition to being free, specific, informed and unambiguous, consent must also be explicit.
In these cases, those responsible for the treatment of the data will have to ensure that consent is obtained in an indisputable manner. One way to do this is through a written declaration signed by the data subject.
Discover all the content that we have created so that you can inform yourself about the new General Data Protection Regulation (GDPR).
We have developed our solutions to obtain consent in accordance with the new GDPR together with the Belgian law firm De Groote - De Man, considered a pioneer in the field of innovative legal practice and therefore winner of the prestigious Financial Times Innovative Lawyers Award in 2017.
De Groote de Man offers experience in several areas, with the new GDPR being one of its most valued specialties. According to Jeroen De Man, Managing Partner, "eConsent is a real tool, offering an airtight solution for all businesses in Europe to be compliant with the law. Thanks to the four different modules, it can be a match for any company.”
Please note that this page is for informational purposes only, and should not be relied upon as professional legal advice. We encourage you to hire professional advice to determine precisely how the GDPR might be implemented into your organization.