Identity Blog

CIAM Solves GDPR: Customer Consent

The General Data Privacy Regulation (GDPR) is a European Union (EU) regulation that will go into effect May 2018. The requirements and penalties for non-compliance are both pretty severe. At 300 pages it’s quite the read so we’ve decided to help you out with a series of short blog posts. Each post will break out the key requirements of the GDPR and explain how the LoginRadius CIAM platform can help. ( Note: If you’re not familiar with the GDPR, you can catch up here. ) This article focuses on the GDPR’s Article 7 which deals with the requirements for obtaining Customer Consent.

GDPR Check ListGDPR Article 7(2) Consent: Consent must be explicit and unambiguous and must be obtained for each different processing activity.

How LoginRadius CIAM helps:
During the registration process, all forms are 100% customizable, allowing organizations to obtain separate instances of consent in order to provide:

  • A lawful basis for processing (consent)
  • Privacy policy and TOS adherence
  • Marketing and account preferences

GDPR 7(1) Consent Documented: Businesses must provide records of the customer’s consent, including the conditions under which each customer has given their consent and the specific purpose for which consent was obtained. For example:

  • When creating new accounts: A customer clicks a register now button, creates a new account and clicks to accept TOS.
  • When reaccepting updated TOS: A customer logs out, later logs back in and is asked to accept new TOS.
  • When opting in or out: A customer clicks into “My Account” and opts in or out of newsletters, events or other available options.

How LoginRadius CIAM helps:
To manage evidence of consent across the entire customer journey, LoginRadius obtains and
stores first-party metadata via registration forms, including for the intended use of data.

GDPR 7(3) Right to Withdraw Consent: Customers must be able to easily withdraw consent for the collection or processing of their personal data at any time.

How LoginRadius CIAM helps:
Through LoginRadius’ Profile Editor, customers can quickly and easily access
their consent preferences at any time to change or withdraw consent. Additionally, LoginRadius’ integrations with email service providers and marketing automation solutions are synchronized. This means that any changes to opt-outs on third-party applications are reflected on customers’ LoginRadius profiles as well, enabling truly centralized consent management.

Check back next week when we discuss GDPR Article 15: Right of Access By The Customer. 

To learn more about how LoginRadius can help you with your GDPR needs, why not contact one of our Product Specialists to discuss your situation?

For more information about the GDPR, visit our GDPR Portal.

Related Posts