Consentua Use Case Stories.

The following white paper is a description of how Consentua is being used.

Three use cases are described. The first is where a consent capture is required as part of a customer re-validation process or acquiring a new customer contact. The second is using Consentua within an existing app. The third is where Consentua is being used by a platform as a white label consent management service.

Each will cover three elements:

  • The reason for capturing consent
  • The client integration story. Including how Consentua was integrated and the template used.
  • Realised benefits.

GDPR demands that citizens give consent in certain scenarios. One of which is for direct marketing purposes, especially where your data will be shared with 3rd parties. Another is where for trust and brand reputation reasons a transparent and consented to use of personal data is desired.

The use case here is for a charity. They have a desire to capture consent from both existing and new supporters. For new supporters the consent is captured when they first sign up. For existing supporters the consent request is emailed and the subsequent consent interaction occurs on a customers view of their existing consent, which needs to be verified.

The charity has approximately 5000 contacts in their CRM database. The estimate is around 50,000 consent interactions. This will cost the charity $99 per year.

Client Integration Story

The charity are required to make a number of changes to use Consentua. The web component will be used. This is applied to the charities web site. The charity also needs to be able to process the consent data. This involves granting access to other systems to the charities client consent service. As well as making sure they only process based on the result returned from Consentua when queried.

Consentua uses the same identifier for a user as the requesting system asking for a view of that users consent. In this use case the supporters email address is used as the common identifier.

The other aspect is the consent template that the charity is requiring. Templates are really about scenarios and can be further broken down into purposes. This use case has only one purpose and a limited number of personal data types. This results in a binary consent, single purpose consent service.

Transaction Flow

Existing Supporter being emailed.  Step 1.   Supporter is given a link via email - clicking on this link takes to the user to a consent screen - (which is a popup on the charities web site)  Step 2.  Supporter can change email address or inherit one from email and then grant consent  Step 3.  Consent popup sends the now  agreed to consent request to Consentua.  This creates a unique consent receipt per that user identifier  Step 4.  Charity systems can ask Consentua via the API who has consented to what or what has this user consented too.  

New Supporter 

Step 1.  Supporter goes to website - encouraged to provide some details - «> Step 2.  Consent screen pops up - capture email from user and get consent for personal data required Step 3. As per above. 

Benefits Realised

The charity were able to deploy Consentua with ease and have been able create consent receipts for all supporters both old and new. Total cost to the charity was $99, plus the internal effort of using the web component and querying the API via other systems - (estimate at 2 days development and testing time).

Total benefits:

GDPR compliant Clear consent statement from supporters Flexibility for future needs already built in.

2. Established mobile app

This particular application uses a number of personal data types in its operation. The app is available on both iOS and Android. The need to capture consent is because of the multiple purposes for which personal data is used. Due to a relatively high churn rate (20%) the data controller can never assume consent is granted at all times.

This app collects personal data on location, sentiment, age, gender and occupation. The data is shared with numerous parties, albeit in an anonymised form. The data is used to influence other outcomes and the results are displayed in a public place. Users are interacted with on a daily or at a minimum a weekly basis.

The app has a few thousand users, however the interaction count is very high. Therefore the cost to the customer is $899 per year for 500,000 consents.

Client Integration Story

The primary user interface is via a mobile. So a new app update is shipped with the Consentua SDK deployed in that update. When the user goes to the new consent view, which can be auto pop-up or via push notification they will start interacting with Consentua.

On the clients backend a new check is made prior to personal data processing to check Consentua that all users in scope are consenting to that interaction.

The consent template is broken into two categories, the first is realtime data and outcomes. The second is historical data used for analysis and prediction. The first is a linear purpose group the second is a binary purpose group.

Transaction Flow

Step 1.  User receives notification to check consents Step 2. Launches Consent view which kicks off a request to Consentua. Step 3a. If a new user, Consentua creates them and awaits their saved consent settings. Step 3b. If an existing user Consentua retrieves the last save consent setting and displays this. Step 4. App management tool can now see who has consented to what via Consentua API.

Benefits Realised

The customer has a transparent description of how personal data is used and applied, which end users appreciate and trust. The enablement of the consent receipt for others to access has been of benefit from a later research perspective. As a new 3rd party could be added and the new consent request updated in realtime. With no further code updates or app releases required. This flexibility alone paid for Consentua.

Cost to this client: $899 for 500,000 consents per annum. Plus the internal effort of using the mobile app SDK’s and set up the querying job to the API for other systems - (estimate at 4 days development and testing time).

Total benefits:

GDPR compliance swiftly enabled Quick & easy to deploy API & SDK Clear & transparent consent statement from users builds trust. Flexibility for future needs already built in.

3. As a component in a platform (via white label).

This customer has a platform that supports many different other companies. These customers use this platform as a one stop shop for customer contact and engagement. These customers expect the platform to be GDPR ready.

The platform will be creating campaigns for direct marketing specific brands to certain audiences. Customer acquisition and personalisation are key to these brands so knowing customers better is a primary objective.

The personal data will be shared with 3rd parties, but the benefits the customer receives as a result need to transparently articulated. This build trust in these brands.

Client Integration Story

The platform systems integration team are using the web component and a dedicated set of consent templates. These are then assigned to a specific campaign, which is then emailed to customers/prospects.

Once the consent receipt for the user is safely stored in Consentua. The campaign management tools in the platform can now ask Consentua for details on which customers have consented to a particular campaign.

The consent template is relatively simple. With one purpose and two data types. This equates to a double binary consent template.

Transaction Flow

Existing Customer being emailed.  Step 1.  Customer is given a link to a campaign via email - clicking on this link takes the user to a consent screen - (which is a popup on the campaign web site)  Step 2.  Customer can then grant consent, as well as add additional data to their profile. Step 3.  Consent popup sends the now  agreed to consent request to Consentua.  This creates a unique consent receipt per that user identifier  Step 4.  Campaign management tool on the platform can now ask Consentua via the API who has consented to what or what has this user consented too.  

Benefits Realised

Multiple. From the platforms perspective they have a fast path ready made consent service running under their brand. Their customers have a GDPR ready consent management capability at there fingertips.

Time to deployment of new consent services is rapid. A 10minute task to create a new campaign template, service and assign users.

The total cost to the platform for Consentua is $8999 per annum as the number of consents is going to be near 10 million per annum.

Total benefits:

GDPR compliance swiftly enabled Quick & easy to deploy API White label SaaS offering. My brand but none of the cost of developing.
Flexibility for future needs already built in.

How do you find out about Consentua?

How to Find Out About Consentua

Well reading this is a great start! So far our customers have been coming to us. Sometimes via a soft introduction from a partner or direct after a search or having looked us up on a directory (we are on IAPP for example). The common element, however, is that they all have a specific need which Consentua fulfills. A need for a system/service (aka an API) to handle consent management.

Yet this new consent management tool has to look good for customers. It must deliver more than just a consent. It needs to be transparent and give users some degree of control too.

This new ‘consent management system’ ideally has to be delivered as a software-as-a-service in the cloud (with all the caveats expected of a freemium service), but also in a secure and low fuss way too.

Typically, they require a method of creating an audit point that proves they as a data controller are allowed to process personal data. They tend to want lots of flexibility. This is because they know they will be changing the data types and purposes fairly regularly.

They also have a need for a low impact, a quick and low-risk method of dealing with this. Oh, and they do not have deep pockets either. Which means Consentua’s great value and speedy enablement are massive bonus points.

What is Consentua?

It does one thing well. It captures consent to process personal data. With a clear, unambiguous description of the data types and purposes. Along with the ability for the ongoing validation of this consent. The clear user interface which captures the consent from the user is transformed into a standard based consent receipt.

Consentua Lock

This consent receipt can then be shared and used by any party that the consent owner (the data controller) wishes. This means both parties (the controller and processor) are covered when it comes to audit time and the question is asked: “has customer X consented to this use of their personal data?” “Yes” is the response. “Here is the consent receipt.“

It is also secure, low impact in terms of the demands it has on customer systems. Quick and easy to install via our plugins. Also, the service is very flexible out of the box. Consent templates drive the what the user sees on their mobile or browser. Templates can be changed anytime. Including, adding purposes, adding data types and new purpose groups, which could be due to a new product or 3rd party processor.

But can I see who has consented to what?

Of course. A number of queries are available via the API. These are: What has this specific user consented to? Who has consented to what for this consent service? These queries can be sued to help with subject access requests, notification of a breach and finally if a data subject demands the right to be forgotten.

Consent services can be organisation wide, campaign-specific or even country level. Yes, Consentua is international and can support any language as long as the translation is available, the consent receipt is still created.

Trust & Transparency

It is not all about consent though. One of the changes that GDPR brings is a demand for a more transparent description of the data types and purposes even when legitimate interest for processing this data is allowed. A stretch ambition is to get apps to reduce the amount of clutter in terms and conditions. This will hopefully mean apps use Consentua as the main vehicle for describing to the customer the service they can expect in return for sharing their personal data.

img center

img center

Overall though the aim of Consentua is to improve the trust between customers and brands. We believe that by having the transparent and easy to understand description of not only the types of personal data that are being used but why and for what purpose too; brands will increase trust. This is because honesty that is then continually verified through practice and experience fosters trust. But you have to explain what it is you are doing as a brand first.

Widgets make it easy

In short, consider Consentua to be an essential service, but one of many that ensures your customers are happy. We think of Consentua as like a CDN, but more useful. Because of the consent receipt that Consentua stores are a record in your full control.

Already mentioned, but the Consentua widgets which are growing in number, provide an easy way of integrating with the API. They are available via this Consentua page. Consentua is more a B2B system that a B2C consent capture mechanism. As it is what you do with this consent to process personal data that will be the key to fantastic customer service.

The widget is open source. Please use as required and note Consentua can easily be a white label provided service if desired.

Why Choose Consentua

If you want the following:

Great value. WYSIWYG. Clear & transparent pricing from $99.
A secure API that creates a ‘consent receipt’ that can be shared with others I allow. Low hassle to my enterprise. No other strings or pre-requisites.
Easy to install. Does not cost an army of consultants or much time. Bearing in mind the GDRP deadline is approaching. Use the widgets for fast start. Flexible to use. Change is constant. This service can keep up with the pace.
We do not have any demand for personal data to manage consent. Only a common identifier.
Delivers Trust and Transparency. Enables Choice and Control.

How Many Steps to my own Consentua Service?

Three. Create your Consent Template(s). Describe the purposes, data types used for the purpose.
Deploy your widget where required, app’s, browsers, systems, platforms. Turn on your Consentua service Capture consent from users and describe your needs for personal data in a clear and transparent way. . Start using the permission to process personal date to deliver fantastic service.

Where do I Go? or