New GDPR laws impose much stricter rules for obtaining and managing user consent on organizations and businesses, regardless of their size. Here are a few questions and answers to help your business achieve compliance with GDPR and avoid fines of up to €20 million.
How does my business comply with GDPR and the tougher demand for user consent?
GDPR prohibits all processing of personal information without a lawful reason. This requires you to ask each and every individual for consent to process their personal information.
How does my business collect user consents?
Forget those lengthy terms of service. Thanks to the new law, there is no more reading through legal mumbo jumbo, and who reads it besides the lawyers anyway? User consent can no longer be buried in the lengthy Terms of Service that your business is using today. Users must be explicitly presented with clear information on what data your business is collecting and how your business will use that data, so that the individual can make an informed decision. To top it off, all user consents must also be time-limited.
For example, if your business collects user emails to distribute newsletters, then you can only use that email to send the newsletter; all other use of the email address is prohibited. In addition, you need to adhere to strict reporting requirements: every time your business sends a newsletter, it needs to keep a record and be able to trace it back to the user's consent for a government audit or user self-reporting.
[Image: Consent Management dashboard at Omnibasis]
Can the individual withdraw the consent later?
Yes! Any consent can be withdrawn at any time, and the effect should be immediate, without any delay or excuses. Consent needs to be just as easy to withdraw as it was for you to collect in the first place.
Do I need to prove that the consent was given?
Yes, regardless of the size of your organization or business, you must be able to prove, in great detail, that user consent was provided in order to avoid fines of up to €20 million. The record serving as proof of consent must also contain the time it was given and what information was provided at that time. It must also uniquely identify the user and the specific consent that was given.
How will your business handle user consent?
With Omnibasis, your company or organization can easily be in compliance when processing information, user consents and personal data.
Omnibasis helps your company, business, sports club, non-profit or association store and manage your customers' personal information safely and in compliance with the tough GDPR requirements. Start your compliance journey for free at omnibasis.com.