Content library
Julkri: TL IV-I
TSU-07.1: Käsittelyn lainmukaisuus - Suostumus

How to fill the requirement

Julkri: TL IV-I

TSU-07.1: Käsittelyn lainmukaisuus - Suostumus

Task name
Priority
Status
Theme
Policy
Other requirements
Documentation of conditions of consent for relevant processing purposes
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Privacy
Processing principles and accountability
requirements

Task is fulfilling also these other security requirements

7. Conditions for consent
GDPR
17. Right to erasure (‘right to be forgotten’)
GDPR
A.7.2.3: Determine when and how consent is to be obtained
ISO 27701
A.7.2.4: Obtain and record consent
ISO 27701
A.7.3.4: Providing mechanism to modify or withdraw consent
ISO 27701
1. Task description

If our organization processes personal data based on the consent of the data subject, we must ensure that the conditions for consent are met. The conditions for lawful consent are:

  • The controller must be able to demonstrate that the data subject has consented to the processing of his or her personal data
  • The request for consent must be clearly separated from other matters in an easily comprehensible form
  • The data subject may withdraw her consent at any time and has been instructed to do so before giving her consent
  • Withdrawal of consent must be as easy as giving it

The Data Protection Officer may be responsible for assessing the conditions of consent. It is also important to consider, whether consent is generally appropriate as a legal basis for the corresponding processing.

No items found.