Get Free Downloads
Start your GDPR today in just a few clicks
Get Free Downloads
Start your GDPR today in just a few clicks

GDPR Consent Advice

Tagged with gdpr, ico, data, textmarketing, sms, free, freeadvice, bulksms, gdprtemplate
by Adam Brogden
in Blog

02-Jan-2018 12:56

Making consent clear, explicit, transparent, granular, and freely given is possibly one the key GDPR principles. Makes a lot of sense and I totally support this requirement. However this may not be as simple as it seems. GDPR states that consent to processing should not be a pre-requisite to provision of a service. How can this be achieved? The term processing is not fully defined and the word ‘avoided’ is not the same as ‘banned’, ‘forbidden’, ‘explicitly not allowed’. So, how will companies interpret this?

For example...

We use SMS/email confirmation to verify the identity of new users on our text marketing platform. To enable this we need new users to sign-up to our privacy policy and consent check-boxes that state we will send email / sms to verify them. These regulations suggest that we are not allowed to require them to agree to this – and not allowed to make this a pre-requisite of accessing our platform. That can’t really be the case can it? GDPR can’t really specify how you verify a customer and using email/sms is very common. Do we simply claim legitimate interest on this?

Also, we want to encourage our existing users to re-optin to our new GDPR compliant privacy policy and consent options. However we are unable to incentivise them [‘Get £5 FREE credit when you re-optin.’] – to complete the re- optin process. These are existing customers that we already have consent from and definitely could claim legitimate interest. So am I really not allowed to incentivise them to opt-in to a GDPR privacy statement?

We could of-course offer a slightly different form of words to get around the regulations but I really don’t think that I should be doing that. I don’t want to be arguing semantics with the ICO or having to debate what exactly what ’should be avoided’ actually means. These vagaries and badly defined regulations are going to lead to all sorts of problems.

Any advice is more than welcome.

Good luck all.