Consent and Preference Management
Designing end-to-end consent
It can be difficult to keep track of what actions have been taken based on user consent: what cookies have been dropped, what data have been collected and where they are held becomes challenging to ascertain if not recorded from the outset. The process becomes even more complex and demanding when different departments or teams within a company each have different systems or process the same data independently from each other.
Common issues with
It is not only data collected based on consent, but also the records of consent that need to be stored in a systematically designed way and place, for ease of access as well as for demonstrating compliance. That is often difficult to manage without appropriate software solutions.
Accessible and well-designed consent data storage is also important for the company’s ability to keep consent records correct and up to date. Since consent can be withdrawn at any point and is often time-sensitive it is crucial to know how and where consent records can be accessed and updated.
In the data economy that we live in, scalability is a crucial aspect of any data management solution. Consent management is difficult, if not impossible, to scale well without tailored software solutions.
Our approach to sustainable constent management
We provide different solutions depending on our clients’ pre-existing consent management arrangements: from initial set up, required where consent management is absent, to remediations, where established systems need improvement.
Cookies & trackers
In order to notify the data subject of cookies and trackers and request consent, it is necessary to be aware of what types of them are in use. Using our proprietary technology, we are able to scan our clients’ websites to detect all tracking technologies they employ and take appropriate actions on that basis.
We help our clients design systems for collecting and storing data based on data subject consent. We ensure that the solutions include automations for updating the data or deleting it upon the withdrawal of consent.
Centralised consent tracking systems
To facilitate effective record keeping of consent data, we set up centralised systems with regulated access on team, department, and company level for our clients. Consent is stored granularly, for each data type and processing purpose. This makes it easy to interrelate each data point processed with a record of consent on whose basis it is processed and take appropriate actions should consent be withdrawn. It also makes the solution efficient and scalable.
We provide guidance on how to obtain consent from users in ways that not only comply with the regulation but also augment user autonomy. We detail when consent should be asked for, what language and choice architecture should be used, and in how much detail the request should be presented to the data subject. Each of these elements depends on the type of company and processing activity, so the solution is tailored to the individual client.
We investigate all data holding locations and trace data collection channels to determine what data is currently held by our clients based on consent, as well as where it is held and how it is organised.
To promote efficiency and scalability, we advise our clients to adopt software solutions to consent management. We leverage our familiarity with different options available on the market to find the one best suited to each company’s particular needs.
We offer general consent awareness training to our clients’ employees, focusing on consent requirements and retention periods. We also provide specific trainings in software setup and management for the solutions chosen by our clients.