Complianz Privacy Suite

Records of Consent

Get compliant today in the European Union, United States, Canada, United Kingdom, Australia, Brazil & South Africa with the only Privacy Suite for WordPress that offers a fully-featured plugin for Worldwide Compliance.

Transparancy & Consent Framework
The Privacy Suite for WordPress - including TCF & Consent Mode

Categories

Popular articles

TTDSG, the New Cookie Law for Germany

As of December 1st, 2021 the Telecommunications-Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetz) regulates the handling of cookies, local storage, cookieless tracking,  and other tracking technologies in

Read More

Cookieless Tracking and GDPR

In this article, we will have a closer look at cookieless and server-side tracking and how this affects your website’s configuration regarding privacy laws. The

Read More
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Table of Contents
Records of Consent is available in premium, from 4.9.2 onwards
In the free plugin and our premium plugin below version 4.9.2 we use , to fulfill the GDPR guidelines to ‘record’ your consent management efforts toward your website visitors. For more information about Proof of Consent and why it conforms to the legal obligations under the GDPR can be found here. In some instances, literal registration of consent per user is needed to conform to specific wishes of your clients, or organizations like IAB Europe when using their Transparency & Consent Framework. We will explain more below.

Registration of Consent

Enabling records of consent can be done in the wizard. As this will void the data minimization principle and will write to your database, please be aware this is a personal choice if not obligated by a specific (privacy) law, client or organization like the IAB Europe. Registering or recording your visitor’s consent will collect the following information;
  1. Anonymized IP Address – Most IP addresses are dynamic, so a full IP Address will be useless to specifically identify a user. We will anonymize and store the IP address.
  2. A unique userID which is also stored in the local storage of the user’s browser, making identification easier and more reliable than an IP address.
  3. The consent type of the particular region; e.g., “Opt-in”
  4. The consent choices – Either the categories on your or exceptions like “No choice” and “No warning”, as explained below.
  5. A timestamp of the latest consent choices by the user. A history of consent is not necessary.
  6. Proof of Consent document to prove the actual process of your consent management and which cookie policy was relevant during this process.

Exceptions in consent choices

There are 2 exceptions if the categories on your banner are not registered.

  1. No choice – this happens when the user has not interacted with the cookie banner, but the banner was shown and the consent management process was started. A simple example would be someone who either did not notice the banner, or did not interact on purpose. This happens when banners are not easily visible or the user got what they needed on the page they landed or purposefully did not interact. A soft cookie wall, available under cookie banner settings should minimize this consent option.
  2. No warning – this consent option is shown when the consent management process was cut off for 2 reasons; either the user is not in a region with a supported privacy law. Or privacy settings, like , and Global Privacy Controls are set in the browser and are respected by Complianz.
Both of these will also suggest the user will default to functional only.

Handling a user request

A user might request proof of consent, or the deletion of consent given.

Proof of Consent

A user might ask to show the records of consent. As you’re only obligated to show the process of consent management, we will call it proof of consent when referring to the legal obligation. How to show proof of consent;

  1. Ask for the UserID, which is stored in the specific browser they have entered your website.
  2. Search for the UserID under the menu item records of consent.
  3. Download the proof of consent, which is a snapshot of your settings and cookie consent management at the time of their last consent choice.
  4. Append this to an email whereby you summarize the other information regarding consent, IP range, consent type, timestamp, and choices.
  5. Make sure you point them to https://complianz.io/consent/, which is the explanation of the process.
  6. If they want to be removed, delete the UserID. Their local storage cookie will be void, and settings reset.
  7. You have now exceedingly met the expectations under the GDPR and other privacy laws.

Locating the UserID (as a website visitor)

This is a quick guide on how to retrieve the UserID as a visitor of the website.
  1. Open your browser, in this example we will use Chrome.
  2. Go to Settings – Privacy and security – See all cookies and site data
  3. The user should look for your URL to show all stored cookies
  4. Look for the cookie called “cmplz_ID” and they should share the content value, or UserID (125 in the below example) and the time stamp when it was created.
  5. With this information from your user, you can refer them to the correct data in records of consent.
If they are unable to find or locate their UserID, send the proof of consent which relates to cookies set by Complianz and their timestamp. If there are no cookies available, send a current proof of consent and explain that without cookies and local storage a specific consent management is unattainable as you adhere to the minimization principle and no is stored, so no identification without the user is possible. This also means the current consent will be set to default, which is “No choice” and no consent is yet recorded.

Recent articles

Join our mailing list - 8 Tips & Tricks in your inbox over the next 8 weeks!