Feature: Consent Enforcement

The Scaled Access Consent Enforcement feature allows the customer to define customized consents, specify consent workflows, and register user consents.

About Consent Enforcement

Consent is an important concept in the protection of natural persons with regard to the processing of personal data. The specific rules that need to be followed in Europe and for EU citizen data are determined by the General Data Protection Regulation (GDPR). The rules state, among other things, that the controller (e.g. a company offering its services) must be able to demonstrate that the user consented to the processing of their personal data, i.e. the controller must register and keep track of its users’ consents.

Examples of consents

“I agree that company X, using services provided by company Y, uses my email address to send me a monthly newsletter.”
“I agree with the general terms and conditions of company X that specify that company X is allowed to use my data for their specific purpose(s).”

Consent Enforcement with Scaled Access

Scaled Access offers help with this so-called Consent Enforcement by providing an API-based system to: 

  1. Config API: Define customized consents.
  2. Consent Enforcement API: Register user consents and log each action with regard to these consents (see the conceptual example below).
  3. Authorization API: Take user consents into account to make access decisions.
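
The three roles listed above, modelled in memory as an added illustration; this is not Scaled Access code or its API, and the class, method and field names are hypothetical. It shows why each consent action is appended to a log rather than overwritten: the same log answers both "may this data be used now?" and "can the controller demonstrate what the user agreed to?".

```python
from datetime import datetime, timezone

class ConsentStore:  # hypothetical name, not part of any Scaled Access API
    def __init__(self):
        self.definitions = {}   # consent_id -> (attribute, purpose, text)
        self.log = []           # append-only: (time, user, consent_id, action)

    def define(self, consent_id, attribute, purpose, text):
        # Step 1: a customized consent covers one attribute for one purpose.
        self.definitions[consent_id] = (attribute, purpose, text)

    def record(self, user, consent_id, action):
        # Step 2: every grant or withdrawal is logged, never overwritten.
        if consent_id not in self.definitions:
            raise KeyError(consent_id)
        if action not in ("granted", "withdrawn"):
            raise ValueError(action)
        self.log.append((datetime.now(timezone.utc), user, consent_id, action))

    def is_allowed(self, user, attribute, purpose):
        # Step 3: default deny; the newest logged action per consent decides.
        for cid, (attr, purp, _text) in self.definitions.items():
            if (attr, purp) != (attribute, purpose):
                continue
            actions = [a for _t, u, c, a in self.log if (u, c) == (user, cid)]
            if actions and actions[-1] == "granted":
                return True
        return False

    def history(self, user):
        # Evidence trail for one user, in the order the actions happened.
        return [(c, a) for _t, u, c, a in self.log if u == user]

def demo():
    # Constructed sample data, based on the newsletter consent quoted above.
    store = ConsentStore()
    store.define("newsletter", "email", "newsletter",
                 "Use my email address to send me a monthly newsletter.")
    checks = [store.is_allowed("alice", "email", "newsletter")]      # no consent yet
    store.record("alice", "newsletter", "granted")
    checks.append(store.is_allowed("alice", "email", "newsletter"))  # granted
    checks.append(store.is_allowed("alice", "email", "profiling"))   # other purpose
    store.record("alice", "newsletter", "withdrawn")
    checks.append(store.is_allowed("alice", "email", "newsletter"))  # withdrawn
    return checks, store.history("alice")
```
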

