The first step involves identifying consent collection points and capturing consent. In today’s online media, consent is not limited to one particular checkbox or a single consent form. There are various consumer-facing touchpoints within and across online platforms, and consent is spread throughout the data subject’s online journey. For example, consent to collect personal data may be needed when a data subject logs into an application or service, downloads a form from the organization’s website or interacts with the organization in some other mechanism. Here, the PrivacyOps platform enables organizations to effectively capture consent and revoke consent across the identified data subjects’ touchpoints.
After consent collection points have been identified and consent has been obtained, the second step is to monitor, track and sync it: Organizations have structured and unstructured databases throughout multiple systems and silos with different identities for the same data subject. The PrivacyOps approach enables organizations to build one central interface to monitor consent activity among internal stakeholders and sync data subjects’ consent status across all organizational units. This ultimately helps organizations honor consent across the organization, whether it was obtained before personal data processing (opt-in consent regime) or by notifying the data subject (opt-out consent regime).
The third step is to adequately honor consent revocations and data subjects’ preferences at any given time: The PrivacyOps approach streamlines the consent management process by providing a preference center builder. Organizations could easily configure and deploy a page for data subjects to update their preferences and withdraw consent. The preference center is available at all times and is representative of the data subject’s consent preferences. The PrivacyOps approach helps organizations immediately and adequately honor consent revocations across multiple systems.
The fourth step is to ensure that a particular data subject’s consent gets documented accurately: The PrivacyOps approach enables organizations to maintain audit trails of data subjects’ identities, consent categories, consent status, and consent date. The data subject’s location code, third parties that the data is shared, and the information provided at the time of obtaining consent are also recorded. Maintaining such comprehensive audit trails helps organizations demonstrate compliance and respect the data subject’s latest preference.