First things first, you’ll have to analyse your website, your purchasing workflows, your contracts and make some big changes. You’ll find that upon purchasing a product or service from many vendors, you’ll be opted in for everything, including ‘marketing stuff’ and this was all buried in section 29 subsection f paragraph iii of the T&C’s. This is in stark contrast to how the clear majority of organisations handle consent today. Changeable at any time, preferably by the user.Consent must be explicit and in response to ‘clear, concise language’.At the heart of this principle are several guidelines: Here, we’re going to look at both in some detail. Exactly 1 year / 12 months / 52 weeks / 365 days, until enforcement of the biggest revolution in data protection, subject’s rights and organisation’s increased obligations!Īt the very core of the GDPR principles, right alongside process and procedure documentation are both identity management and consent management. Guest blogger Richard Hancock continues his series on GDPR preparation.
0 Comments
Leave a Reply. |