29 Oct 2017
How to Find Out About Consentua
Well reading this is a great start! So far our customers have been coming to us. Sometimes via a soft introduction from a partner or direct after a search or having looked us up on a directory (we are on IAPP for example). The common element, however, is that they all have a specific need which Consentua fulfills. A need for a system/service (aka an API) to handle consent management.
Yet this new consent management tool has to look good for customers. It must deliver more than just a consent. It needs to be transparent and give users some degree of control too.
This new ‘consent management system’ ideally has to be delivered as a software-as-a-service in the cloud (with all the caveats expected of a freemium service), but also in a secure and low fuss way too.
Typically, they require a method of creating an audit point that proves they as a data controller are allowed to process personal data. They tend to want lots of flexibility. This is because they know they will be changing the data types and purposes fairly regularly.
They also have a need for a low impact, a quick and low-risk method of dealing with this. Oh, and they do not have deep pockets either. Which means Consentua’s great value and speedy enablement are massive bonus points.
What is Consentua?
It does one thing well. It captures consent to process personal data. With a clear, unambiguous description of the data types and purposes. Along with the ability for the ongoing validation of this consent. The clear user interface which captures the consent from the user is transformed into a standard based consent receipt.
This consent receipt can then be shared and used by any party that the consent owner (the data controller) wishes. This means both parties (the controller and processor) are covered when it comes to audit time and the question is asked: “has customer X consented to this use of their personal data?” “Yes” is the response. “Here is the consent receipt.“
It is also secure, low impact in terms of the demands it has on customer systems. Quick and easy to install via our plugins. Also, the service is very flexible out of the box. Consent templates drive the what the user sees on their mobile or browser. Templates can be changed anytime. Including, adding purposes, adding data types and new purpose groups, which could be due to a new product or 3rd party processor.
But can I see who has consented to what?
Of course. A number of queries are available via the API. These are: What has this specific user consented to? Who has consented to what for this consent service? These queries can be sued to help with subject access requests, notification of a breach and finally if a data subject demands the right to be forgotten.
Consent services can be organisation wide, campaign-specific or even country level. Yes, Consentua is international and can support any language as long as the translation is available, the consent receipt is still created.
Trust & Transparency
It is not all about consent though. One of the changes that GDPR brings is a demand for a more transparent description of the data types and purposes even when legitimate interest for processing this data is allowed. A stretch ambition is to get apps to reduce the amount of clutter in terms and conditions. This will hopefully mean apps use Consentua as the main vehicle for describing to the customer the service they can expect in return for sharing their personal data.
Overall though the aim of Consentua is to improve the trust between customers and brands. We believe that by having the transparent and easy to understand description of not only the types of personal data that are being used but why and for what purpose too; brands will increase trust. This is because honesty that is then continually verified through practice and experience fosters trust. But you have to explain what it is you are doing as a brand first.
In short, consider Consentua to be an essential service, but one of many that ensures your customers are happy. We think of Consentua as like a CDN, but more useful. Because of the consent receipt that Consentua stores are a record in your full control.
Already mentioned, but the Consentua widgets which are growing in number, provide an easy way of integrating with the API. They are available via this Consentua page. Consentua is more a B2B system that a B2C consent capture mechanism. As it is what you do with this consent to process personal data that will be the key to fantastic customer service.
The widget is open source. Please use as required and note Consentua can easily be a white label provided service if desired.
Why Choose Consentua
If you want the following:
Great value. WYSIWYG. Clear & transparent pricing from $99.
A secure API that creates a ‘consent receipt’ that can be shared with others I allow.
Low hassle to my enterprise. No other strings or pre-requisites.
Easy to install. Does not cost an army of consultants or much time. Bearing in mind the GDRP deadline is approaching. Use the widgets for fast start.
Flexible to use. Change is constant. This service can keep up with the pace.
We do not have any demand for personal data to manage consent. Only a common identifier.
Delivers Trust and Transparency. Enables Choice and Control.
How Many Steps to my own Consentua Service?
Three.
Create your Consent Template(s). Describe the purposes, data types used for the purpose.
Deploy your widget where required, app’s, browsers, systems, platforms. Turn on your Consentua service
Capture consent from users and describe your needs for personal data in a clear and transparent way. . Start using the permission to process personal date to deliver fantastic service.
Where do I Go?
consentua.com
or
[email protected]
13 Oct 2017
The world where business’ have a free for all over personal data is changing. Why though is the change occurring?
The first reason is the new data protection regulation. GDPR. I do not congratulate legislators often, but this is actually good legislation.
Don’t Panic. Life is Good
GDPR is good for us as citizens as we now have more control and can now start to earn real benefits from our personal data. Plus it is good for society as something with economic value (our personal data) will now attract the right type of investment, which means we as customers/users/citizens benefit. All those in business are still someone’s customer.
Not all about legitimate interest
The legal community (and to some degree the ICO too) are backing the use of legitimate interest as the firmest base for processing personal data when consent has not been secured. In many circumstances this is right. However, GDPR is also about transparency, so even with legitimate interest the data controller still has to clearly explain what data is being used for. Therefore, an opportunity exists to be more transparent in the use of personal data. Perhaps now we can start a trend that will also see the demise of terms and conditions full of legalese that no one reads!
Good for Business Too
This new regulation is good for business too. Firstly, all personal data being processed must have purpose. Data without a purpose is a burden. An imperative and the capability should now exist as a result of GDPR to exorcise this deadweight data. Additionally, having the consent to process someone’s personal data is an example of trust. Improved trust in the brand will improve sales and customer satisfaction. Plus, the cross organisation discipline that GDPR demands will improve the bottom line by saving money and reducing risk. Especially with regard removing data without a purpose.
Key with GDPR is Protection
The key word though with GDPR is Protection. The responsibility is now on business and organisations acting as data controllers or processors to know what personal data they are processing and why. Ensuring this data is suitably protected as well as being responsible guardians of this personal data when using it. It is the new process’ and change in how an organisations staff use personal data that will see the biggest changes.
Mindset Shift
This will require a shift in mindset across lines of business where they interact with personal data. Be it personal data in HR, or customer data in Marketing, Billing, Operations and Customer support. The key though is having a Privacy Impact Assessment (PIA) completed. The next step is to ensure that the fixes identified include people and process aspects as well as a little investment in some technology.
CFO opening the wallet
GDPR is a good time to prise open the CFO’s wallet so that a series of targeted yet joined up investments across the organisation will realise a more fit for purpose outfit post 25th May 2018. Marketing need to justify personal data ownership and encourage a personal service offering, which will require a response from operations and customer support. All parts of the organisation will be impacted, but look at it strategically and the benefits will outweigh the costs. Take advantage of this imperative to act. Your competitors will if you don’t.
Rise of the the Experience
The second reason is humanities growing desire to have an ‘Experience’. Simply purchasing and owning something is now no longer viewed as a must have. The life you lead is more important. As can be seen by the way we are constantly telling the world what we are doing via our social media feeds. But in some respects this is still our data we are choosing to share.
Sustainability and Sharing
Added to a growing realisation that a more sustainable approach is better for the planet. Allied to technology enabling ‘things’ to be easily shared means that owning stuff is no longer necessary. Sharing is both good for the wallet and good for the planet. Plus it leaves more income to spend on the ‘Experience’.
Which from a retailers perspective they are handling a double whammy. Shopping, will become ever more dominated by web based purchasing, therefore to differentiate and to attract footfall the shopping centre now has to provide an ‘Experience’. Customers will demand a great day out, irrespective of anything being purchased. It is what you saw and did, as well as who else was there and how did you share the ‘Experience’. Then you buy online.
Differentiation
Another way to differentiate in the retail and hospitality space for example is to provide that really bespoke personal service. From the moment the customer decides to visit to their return home the ‘Experience’ is magic. Everything from transport, through to meal reservations and the after dinner show were delivered like clockwork and all the favourite things were laid on as if by magic. Every customer will be treated like a rock star. Minus the tantrums.
Shift to Personal
So the shift to personal service delivery is now gaining momentum. Some are already cashing in on their brand value. With Personal Information Managers such as Meeco & Digi.me encouraging the creation of the view of You as the Data Controller. All this points to a new trend in how personal data can and should be exploited. That is, enshrine Privacy-by-design and be transparent in request for personal data; build/reinforce trust and reward users with awesome services.
Surveillance Culture Undermined
The third reason is societies growing wariness of digital intrusion and tracking. A desire to check out of the constant scrutiny. Why does the internet have to be so invasive? Yet at the same time why cannot a retailer know that I have made the purchase and I was happy. But the constant pop-ups are making me re-think a next purchase. So out of spite it will go to a competitor, even if I end up paying more. Yes deploy ad-blockers but surely we can be smarter here. After all, we are being tracked.
What is missing?
What this then needs is a way of bringing together seamlessly the capture of consent from a user. Then a way of sharing this consent statement with those that need to know. But does this give users real control? Sort of. Depends how the consent was captured. Is it timely? Was it transparent? Was it unambiguous?
Plus it needs ownership and leadership that spans the organisation. Backed up by new tools, process and approach. A good place to start is to engage some experts.
Consentua
KnowNow have developed a new service called Consentua that takes the strain out of capturing the consent from users to process their personal data. The service gives users choice and control over their personal data. It is transparent, unambiguous and very flexible.
Comprised of two parts a secure API and a widget. The widget seamlessly deploys into your code and then simply and transparently informs and asks your users for their consent. The API requires a user specific token so as to grant access to your very own bespoke consent service.
Control
Consentua is designed to be fully in your control, offering maximum flexibility but low impact in terms of integration. With minimal effort to set up and test. Multi language support and real time changes to the consent service are available out of the box. The business can evolve the service offering versus the personal data requested over time as Consentua can adapt very quickly and easily to this change.
Who is it good for?
The service is suitable for organisations that want to have a transparent engagement with their customers; or perhaps a business that requires a consent receipt to be shared across multiple parties internally or externally; or where a global business wants a single method of consent capture but local language deployments. Then Consentua is a great fit.
Price is Right
The service is available now priced from $99 for SME’s through to $8999 for Large Enterprises.
For more information go to www.consentua.com
Now all of us users are in control.
Thanks for reading, Chris
Chris Cooper is CTO of Consentua and co-founder of KnowNow Information.