Video instructions and help with filling out and completing declaration of consent gdpr

Instructions and Help about declaration of consent gdpr

Music hey it's Jeff Sauer here and I want to talk to you about what else GDP are and specifically I want to talk about consent when it comes to collecting cookie data in your analytics as well as general consent and some of the things that I'm going to be doing on the Jeff lytx website when it comes to tracking now as you can probably guess getting consent from users and what it means both in terms of Gd P R as well as a privacy initiatives it's as clear as mud and so I'm gonna do my best to take that muddy water and make it more clear and I'm gonna share it in terms of the things that I'm planning on doing with my own site and some of the actions that I'm taking so listen up if you want to learn more about cookie consent or dis consent in general and maybe get some practical tips or a good summary as to what consent means and some more resources that you might find valuable so listen up and we're gonna talk about getting consent for the data that you collect okay so let's talk about consent for gdpr and how it affects your Google Analytics data and if you watched my last video about IP anonymization for standard tracking in Google Analytics your next question was probably is there a way to use Google Analytics advanced tracking in GDP our countries and remain compliant with GDP are and unless your memory is photographic you're probably wondering what were those advanced Google Analytics tracking methods you talked about Jeff so let me refresh your memory here advanced Google Analytics installs it means that you're potentially collecting many forms of personal data or third-party data using Google Analytics and this happens when you do demographics display features things like remarketing within Google Analytics as well as user ID tracking or even your custom dimensions there are ways that you're going to store somebody's personal data even if it's aggregated you're gonna store it in your Google Analytics if you do some more advanced tracking so basically anything beyond just collecting somebody's IP address which is from I understanding all that you collect in the basic standard install of Google Analytics if you go beyond that then you potentially need to get consent because you're collecting personal data and when that happens you need to have some kind of notification or some kind of way of obtaining somebody's consent so the ultimate question you probably have is can you track this data in Google Analytics under gdpr and the answer is yes if you receive consent to be tracked you can track this data and then you're probably thinking to yourself well what exactly is consent is it one of those funny pop-up things what does it look like how does it work is there a standard behind it how is all the stuff coming together and

FAQ

Does GDPR affect companies selling data? I did not give consent to another company to have my data for the means of debt collection? How do they get data without consent with GDPR?
Not sure what you’re getting at, but, as a generalisation, GDPR affects all organisations that use or store personally-identifiable information in all the countries that have signed up fo it. I am not sure about this, but there is no blanket ban on acquiring data, just using it and storing it. And selling data is a use, so it is meant be covered by the seller’s data and privacy policiesAt a more practical level it is then up to each country’s ICO (Information Commissioner’s Office) to then set guidelines, procedures, and enforce the rules. No (or pointless) ICO means no enforcement.Having said that, there’s plenty of personally-identifiable information flying around under allowed exceptions, for example, for law enforcement, or some not-entirely-watertightly-specified Government uses. The exchange of information for debt collection purposes might have been OKed by a court, alternatively, many privacy and data use policies (that you almost-certainly OKed) do have paragraphs covering the use of data by third parties for things like debt-collection and law-enforcement.You still have the right to request (or be pointed at) the data privacy and data use policies of the organisations you’re worried about. Always assuming you have an ICO in your country that enforces the rules - I don’t know which country you’re in.Question as originally answered: Does GDPR affect companies selling data? I did not give consent to another company to have my data for the means of debt collection? How do they get data without consent with GDPR?
How will GDPR affect the storage of flagged/banned Euro IPs to prevent malicious users? Should they be asked for consent too?
The answer to this appears to be ‘probably’. So far as I can see from a quick search on Google, so far, where the question has come up, the EU has ruled that in certain circumstances, an IP address can be considered personal data. However, as blocking an IP address to stop a malicious user is about as effective as using a wall made of tissue paper to barricade against a flood, you may as well just delete them.IPs can be changed in about 30seconds.
How do I avoid being bullied into consenting to GDPR?
You do not have to consent to anything you do not want to.Under GDPR Art. 77 you have the “Right to lodge a complaint with a supervisory authority”. As far as I know, every EU member state should have a supervising authority which you can contact if you feel like your rights under GDPR are infringed upon.You can read more here : How do I avoid being bullied into consenting to GDPR?P.S : I am not a lawyer, so please take my answer only as my personal opinion.
What are all the data that need to be stored as proof of consent for GDPR?
It’s a endless debate because it depends a lot on the situation, let me explain the systems you can use, and which you will choose depending on you case. Also note one thing : user consent is not needed in all situations, it’s only needed in very specific situations like marketing - for e-commerce transaction you don’t need it for example (look at article 6 of GDPR for more on that).The possible systems to track user consentSo it comes down to two possibilities when you’re working on the web :either you track the process by which the user consent (a copy of the webpage and the button he clicked so we can see how was the button basically)or you track the consent itself (the data in the db that tracks the consent)You could also ask email or phone confirmation for example if you have the possibility to get out of the web, but let’s keep ourselves web only.As a general idea, keeping a proof of the process by which the user had to go through is probably more useful than keeping track of the consent itself (a checkbox checked on a database).Which system should you use and why ?Now we have to make a choice, and this choice depends on one thing : how risky your situation is ?Why am I brining risk ? because if there’s more at stake you’re going to want to protect your organisation much more.So for example if you’re asking consent for sending a newsletter you’re sending about gardening, I’d go for keeping track of the process itself because it’s low risk situation.However the situation is completely different if you’re collecting data to sell an insurance contract. Why ? because the risks of getting sued is higher and there’s just more at stake. So every little detail will count much more.Quick practical adviseDon’t obsess too much about the consent and how to track it. In real life what you should work on is make sure users actually agree with what you’re really doing , and make sure you’re not doing fishy things behind. If the process is clear (yes you subscribe to my newsletter and i’m going to send you commercial offers), you will have little problems. On the other side, you will have a TON of problems if you record the user consent and do completely different things on the backend than what he thought he agreed on…
How does an airline ticket booking agent issue a ticket to walk-in passenger and ask for consent accordingly to GDPR?
The Airlines will be fully compliant with GDRP EU regulations. They do not need your consent, only to assure you that all your information is protected under the regulations. (Example, they cannot hold onto your information more than 90 days, etc, unless you agree. Loyalty points systems would require your consent.)One more thing, GDRP does not protect your information from government review and inspection for the purpose of Customs and Immigration review, acceptance or rejection.Have a nice flight!
Get Form