Blog Image
Profile Image Verifile
April 4 2018

Practical Tips for Consent under the GDPR

The EU General Data Protection Regulation is getting closer every day. For many privacy offices, this equates to an overwhelming workload and anxiety about where to begin and a view of the GDPR as nothing more than a list of projects to complete and items to check off in an effort to be compliant.

However, the GDPR is actually quite flexible, and compliance with its requirements is intended to be an ongoing exercise, rather than as a means to an end. It is a risk-based approach to privacy and data protection that is full of requirements for conducting analyses, balancing tests and assessments, and the overlap between these requirements often gets overlooked. As a result, the work done to address one article of the GDPR can be leveraged when addressing others. This is a proposal to simplify GDPR compliance efforts by combining and conquering.

OneTrust privacy mangement software offer practical tips to data controllers for meeting the GDPR 's consent requirements, and how to put consent management into practice.

They offer advice on identifying processing activities, assessing whether consent is the most appropriate legal basis, how to formulate consent requests, and how to ensure that consent requests are kept separate from other terms and conditions, specifically that technical and legal jargon is avoided, that the request is prominent and clearly visible to the data subject and is user-friendly, and more.