All Collections
Compliance
Writing Consent Requests in GDPR Tools
Writing Consent Requests in GDPR Tools

eBoss GDPR tools make is easy to send consent requests. But knowing what to ask for can be a little trickier...

Robin Bonass avatar
Written by Robin Bonass
Updated over a week ago

TIME REQUIRED: 5 MINUTES

YOU WILL NEED:  

  • eBoss GDPR Tools

  • A clear understanding of how the data is to be used

STEP 1: OPEN A NEW CONSENT REQUEST FORM
1.1) Open the GDPR+ Management tab in eBoss

1.2) Scroll down until you see the new permission forms

STEP 2: TARGETING YOUR CONSENT REQUEST
2.1) Make sure you request consent for each of the processes you want permission for
2.2) Remember: you cannot use a consent for any process other than the one for which it was specifically given
2.3) If you want to use the candidate CV to fill a vacancy, that may require consent. If you wish to send the candidate advertising, that requires another consent.
2.4) Establish your priorities: Place primary goals in the "PROMPT ME" box; put secondary considerations in the "FULL PERMISSION" field.


STEP 3:  COMPLETE THE FORM

3.1) If you are requesting permission for recruitment purposes (eg: sharing CVs with potential employers) enter the following text or similar in the "Prompt Me" field: 

  • "I give consent for COMPANY NAME to process my data so that potential employers can consider me in their hiring process."

3.2) If you need additional consents, to send marketing material or to use contact dat in other ways, detail those in the second "Full Permission" box.

  • "I give consent for COMPANY NAME to contact me with regard to additional offers and services that may become available in the future."

3.3) Under GDPR, it must be as easy to withdraw consent as it is to provide it. Don't worry: eBoss has got you covered here, too. Our third field allows the recipient to remove consent in a legally compliant fashion. Consider how you will word your messasge - make it clear that you may be unable to fulfill parts of your service if a candidate removes consent:

  • "I withdraw consent for the processing of my data. I understand that my information will no longer be available to potential employers."

STEP 4: SET PERIOD OF PERMISSIONS
4.1) We have included a PERMISSION PERIOD drop-down option to help you keep on schedule with your own compliance.
4.2) Scroll down to the Permission Period drop-down.


4.3) Select the option you want from the list
4.4) There is no single set "life span" for consents within the GDPR law. However, you should refresh your consents periodically - especially as regulations change; as you introduce new processes; or when you change the method of processing data.
4.5) It is also best practice to review your consents on a regular basis. The Permission Period tool gives you a simple prompt to remind you of when it is time to refresh your in-house compliance obligations.


Did this answer your question?