How to gather consent correctly under the GDPR?

How to gather consent correctly under the GDPR?

Share this content

There are two things that we need to consider when collecting personal information from somebody for marketing purposes.

  1. Making sure that we are collecting consent correctly
  2. Making sure we are showing the user the correct privacy information before processing their data.

Say we want users to subscribe to a newsletter or we want to send them some marketing communications. It looks something like asking for name, email, maybe some other data you need and then we have a checkbox. What we write in the text next to the checkbox and how we configure it is key to ensure we collect consent in a compliant way.

The rules around GDPR consent

ℹ️ Following GDPR, for consent to be valid it must be freely given, specific, informed, unambiguous and can be revoked.

To comply with this an individual must give clear affirmative action to the processing of their personal data For more checkout: GDPR Article 4(11)

The GDPR Consent Formula

We have created a formula to make sure that your forms are always compliant. The formula is:

By <clear affirmative action>, I consent to <Controller Name> processing my <personal data> for the purpose of <purpose for which we're collecting data>. You can unsubscribe at any time. For more information check our Privacy Policy (hyperlink to Privacy Policy).

GDPR Consent Real Life Example

“[  ] By checking the box, I consent to Privasee processing my email address and name for the purpose of sending a newsletter. You can unsubscribe at any time. For more information check our Privacy Policy.”

Now let’s break down how we are complying with regulation. Remember consent must be:

  • Freely given - the box is not pre-ticked.
  • Specific - we tell the user exactly what they are consenting to.
  • Informed - we are telling the individual what data we are using and for which exact purpose.
  • Unambiguous - we are telling the user an affirmative action and not using negation language that could confuse the user.
  • Can be revoked - we tell the user they can unsubscribe at any time and give them a way to do so.
  • A user can use Privasee’s privacy portal to request for consent to be withdrawn.
  • We will also include an unsubscribe button in all our communications with the individual.

Frequently Asked Questions - FAQ

What if I am collecting data to share with somebody else? For example, if I am an event looking to share information about attendees?

This answer is a work in progress - you can email us at directly to get a response for your use-case!

What do I do if I need to collect consent for multiple purposes? For example, sending a marketing email but also sharing that data with another company?

This answer is a work in progress - you can email us at directly to get a response for your use-case!

What if someone is signing up to my product, can I just assume that I can send them marketing material then?

This answer is a work in progress - you can email us at directly to get a response for your use-case!

May 8, 2023

Frequently asked questions

Do I need to connect all my tools and third parties?

We never have access to any of your data, our platform is able to scan each tool and provide recommendations without needing to access any of the data within those tools.  There's no need for your dev' team to do anything, there are no security risks, just tell us the tools you use and we will do the rest.

What is the scope of my privacy policy?

Our policies are not just about my website or service. Once set up, our platform will help you map-out internal and external processes, such as HR, finance, and more!

Do I need to replace my current policy for the privacy portal?

We recommend replacing your current policy with our policy, this way you’ll remain compliant as your business changes and as the laws update.

Do I need help filling out my details?

Setting up is easy, just follow the on-screen commands and go through a few short steps to add your tools. You don't need any technical ability, anything you don't know the answer to you can ask us via our live chat or add later.

Why can’t I just use a template and add it to my website myself?

A template will not be applicable to your particular business as there are many things to consider for each tool you use. Also the template will not automatically update when changes happen in your business and when changes to GDPR laws are released. This can leave you vulnerable to breaking GDPR laws.

What if you don’t have the tools and third parties that I have?

We have a huge selection of tools pre-loaded and anything you don't see you can add directly from the platform as well as mapping data for any custom software you may use.

Which plan should I choose?

Our Essential Plan is perfect for people just getting started, small businesses, self-employed people and early stage companies. It allows you to get set up and start making your site GDPR compliant. You can move to our pro plan when you grow and your needs become more complex.

Our Pro Plan is aimed at SMEs and is our most popular plan as it includes everything you'll need such as a cookie banner, multiple languages as well as dedicated support.

Our Agency Plan is aimed at businesses that operate with clients needing GDPR solutions. The plan allows you to onboard clients as well as benefit from the Pro Plan for your own site.

Our Enterprise Plan is our most customisable and inclusive plan aimed at large, corporate businesses. We will essentially build you a bespoke plan with full maintenance support, onboarding classes and full company-wide access.

Feel free to get in touch to discuss our GDPR Compliance Software solution.

How easy is it to set up?

Signing up is super easy. The platform will ask you a few basic questions and then you can add your tools - don't worry if you don't know them all, you can come back and add tools at any point. The platform will then generate you the correct privacy policy based on your information, you can there share it directly on your site. That's it!

What size companies is Privasee aimed at?

Privasee has a plan for smaller companies as well as larger enterprise companies. For companies small to medium you can signup directly. For bigger enterprise companies get in touch with your requirements and our team will build you a bespoke plan.

I already have a privacy policy, do I need Privasee?

You have a legal responsibility to keep your policy up to date with every change in legal requirements for every tool you have. With Privasee you are always covered.

Still have questions?

We are here to help