Consent is the basic principle that drives much of the new European GDPR (EU General Data Protection Regulation). It means that the data-subject, normally the individual whose data is being exchanged, has to be informed and specifically agree to the use of the data. This, in turn, opens up two different paths:
- Existing Data for which consent is needed
- New Data that needs to be collected
Both these facets need to be considered and managed as part of consent-management going forward.
As part of doing business historically many organizations have collected data about their users. What they have not done historically is ask their users clearly for their agreement (consent) to use user data. This gap now has to be bridged to be compliant with GDPR regulations.
However, more is needed. At every point companies collect data they also have to collect consent to use the user’s data in specific ways. They also cannot make the assumption that consent is forever and need to regularly refresh the consent. This requires a radical rethinking of user data collection and management.
Consent with XcooBee
XcooBee can assist in securely collected new data as well as consent for old data. Thus, XcooBee Consent management provides a unified approach to handle both types of data and with few integrations allows legacy systems to stay unchanged.
Moreover, because XcooBee is a central element that allows users’ to control their consent for many companies and similarly, allows companies to manage consent across many different subsidiaries and product groups it simplifies drastically the logistical challenges of all interactions.
Consent Center for User
The user consent center is the central place that users can interact with their current and historical consents. They can make changes and report misuse as well as renew consent easily. It is simple for each user to see who has their data and what they are allowed to do with it. This level of insight has never existed prior to XcooBee.
Campaigns for Companies
From the company perspective, the individual activities surrounding collection and maintenance of consent or consent with data, fall under the XcooBee Consent Campaign concept.
Campaigns determine whether organizations seek consent for existing data and/or also collect new data as new business is conducted. With standardized terms for multiple languages this is easily accomplished. Both users and companies look at the same terms.
Thus a campaign drives:
- the reason for data collection
- the type of data collected
- the actual use of data
- how the the data will be collected
- renewal of consents
- the life-cycle maintenance
For example, collecting an email from a website to deliver a white-paper has a different campaign profile than running manufacturing production for existing customers and delivering finishend goods.
For enterprise customers, campaigns can support custom data collection, multiple offers per customer, and many administrators working simultaneously. Thus, multiple campaigns can be run independently and managed by different administrators.
Once activated, campaign managers can deal with user interactions and document compliance and even deal with follow up to data-breaches.