Skip to main content Skip to footer

GDPR: What Does Consent Mean?

In the world of General Data Protection Regulation (GDPR) our “consent” will be a major focus and understanding what is meant by consent will be important for all of us as individuals and for the organisations that we work for and connected with. So what Does Consent Mean?

The Oxford English Dictionary defines consent as: Noun: Permission for something to happen or agreement to do something. Verb: Give permission for something to happen.

The upcoming GDPR (May 2018] brings along with it an even more granular definition that will mean that it is imperative for organisations to really understand what consent means when considered in conjunction with collecting, storing and processing personal data. Confused? Please bear with me.

In May 2018 there will be the legal requirement to go through rigorous measures to ensure that organisations have been given consent to hold data. It will no longer be acceptable to just rely on ‘opt out’ but organisations must gain a “statement or a clear affirmative action.” Consent must be “freely given, specific, informed and unambiguous.” The added complication is that organisations must also show that they ask for consent, they record it and then manage the consent. In short, if they do not go through the required steps they will be at risk of being non-compliant.

Now many of you will be thinking of calling legal at this point and that would not be a bad move as the wording to make sure employees and employers are aware and protected will need to be carefully written

There are many processes to go through to ensure that organisations outline that they are asking for consent, why they are doing so, what they are doing with the data, that it is separate from usual terms, that consent can be withdrawn at any time and that the consent has been given in a clear and positive format  Finally companies will  need to show how they act on withdrawal of consent and do not penalise those who withdraw consent.

There are varied implications that organisations need to bear in mind, not only is it a legal requirement, but by doing it right will potentially build trust, although conversely doing it badly could lead to reputational damage.


About the author

Ben Crick

Get in touch

Want to find out more? Get in touch and discover what Symatrix could do for your business. We’d love to chat.

Cookie Notice

Find out more about how this website uses cookies to enhance your browsing experience.

This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping baskets, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. If you continue to use  the site we shall assume your consent to the use of cookies. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers