Consent receipt management systems and related methods
First Claim
1. A consent receipt management system comprising:
- one or more processors; and
computer memory, wherein the consent receipt management system is configured to perform;
receiving, from a user interface, a request to initiate a transaction between an entity and a data subject, the transaction involving collection and processing of personal data associated with the data subject by the entity as part of a processing activity undertaken by the entity that the data subject is consenting to as part of the transaction, wherein the request comprises transaction definitions including a unique transaction identifier associated with the transaction, one or more links to a privacy policy associated with the transaction, and a listing of one or more data types for which consent to process will be provided;
in response to receiving the request;
identifying the unique transaction identifier from the request;
generating a unique consent receipt key for the transaction;
determining a unique subject identifier for the data subject; and
generating a piece of computer code associated with the transaction to place in a location at which consent from one or more data subjects will be requested as part of the transaction;
electronically storing the unique subject identifier, the unique consent receipt key, and the unique transaction identifier in computer memory, wherein the computer memory stores a plurality of consent records associated with the unique subject identifier, each of the plurality of consent records being associated with a respective transaction of a plurality of transactions involving the data subject and the entity;
electronically associating the unique subject identifier, the unique consent receipt key, and the unique transaction identifier;
generating a consent record for the transaction, the consent record comprising at least the unique subject identifier and the unique consent receipt key; and
electronically transmitting the consent record to the data subject.
2 Assignments
0 Petitions
Accused Products
Abstract
A consent receipt management system may, for example, be configured to track data on behalf of an entity that collects and/or processes persona data related to: (1) who consented to the processing or collection of personal data; (2) when the consent was given (e.g., a date and time); (3) what information was provided to the consenter at the time of consent (e.g., a privacy policy, what personal data would be collected following the provision of the consent, for what purpose that personal data would be collected, etc.); (4) how consent was received (e.g., one or more copies of a data capture form, webform, etc. via which consent was provided by the consenter); (5) when consent was withdrawn (e.g., a date and time of consent withdrawal if the consenter withdraws consent); and/or (6) any other suitable data related to receipt or withdrawal of consent.
-
Citations
19 Claims
-
1. A consent receipt management system comprising:
-
one or more processors; and computer memory, wherein the consent receipt management system is configured to perform; receiving, from a user interface, a request to initiate a transaction between an entity and a data subject, the transaction involving collection and processing of personal data associated with the data subject by the entity as part of a processing activity undertaken by the entity that the data subject is consenting to as part of the transaction, wherein the request comprises transaction definitions including a unique transaction identifier associated with the transaction, one or more links to a privacy policy associated with the transaction, and a listing of one or more data types for which consent to process will be provided; in response to receiving the request; identifying the unique transaction identifier from the request; generating a unique consent receipt key for the transaction; determining a unique subject identifier for the data subject; and generating a piece of computer code associated with the transaction to place in a location at which consent from one or more data subjects will be requested as part of the transaction; electronically storing the unique subject identifier, the unique consent receipt key, and the unique transaction identifier in computer memory, wherein the computer memory stores a plurality of consent records associated with the unique subject identifier, each of the plurality of consent records being associated with a respective transaction of a plurality of transactions involving the data subject and the entity; electronically associating the unique subject identifier, the unique consent receipt key, and the unique transaction identifier; generating a consent record for the transaction, the consent record comprising at least the unique subject identifier and the unique consent receipt key; and electronically transmitting the consent record to the data subject. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented data processing method for managing a consent receipt under a transaction, the method comprising:
-
providing a user interface for initiating a transaction between an entity and a data subject; receiving a request to initiate a transaction between the entity and the data subject from the user interface, the transaction involving collection and processing of personal data associated with the data subject by the entity as part of a processing activity undertaken by the entity that the data subject is consenting to as part of the transaction, wherein the request comprises transaction definitions including a unique transaction identifier associated with the transaction, one or more links to a privacy policy associated with the transaction, and a listing of one or more data types for which consent to process will be provided; in response to the request; identifying the unique transaction identifier from the request; generating, by a third party consent receipt management system, a unique consent receipt key for the transaction; receiving, from the data subject, a unique subject identifier; and generating a piece of computer code associated with the transaction to place in a location at which consent from one or more data subjects will be requested as part of the transaction; electronically storing the unique subject identifier, the unique consent receipt key, and the unique transaction identifier in computer memory, wherein the computer memory stores a plurality of consent records associated with the unique subject identifier, each of the plurality of consent records being associated with a respective transaction of a plurality of transactions involving the data subject and the entity; electronically associating the unique subject identifier, the unique consent receipt key, and the unique transaction identifier; in response to receiving the request, generating a consent receipt the consent receipt comprising at least the unique subject identifier and the unique consent receipt key; and transmitting the consent receipt to the data subject. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer-implemented data processing method for managing a consent receipt under a transaction, the method comprising:
-
providing a user interface for initiating a transaction between an entity and a data subject; receiving, from the user interface, a request to initiate a transaction between the entity and the data subject, the transaction involving collection and processing of personal data associated with the data subject by the entity as part of a processing activity undertaken by the entity that the data subject is consenting to as part of the transaction, wherein the request comprises transaction definitions including a unique transaction identifier associated with the transaction, one or more links to a privacy policy associated with the transaction, and a listing of one or more data types for which consent to process will be provided; in response to the request; initiating the transaction; identifying the unique transaction identifier from the request; generating, using one or more consent receipt generation means, a unique consent receipt key for the transaction; receiving, from the data subject, a unique subject identifier; and generating a piece of computer code associated with the transaction to place in a location at which consent from one or more data subjects will be requested as part of the transaction; electronically storing the unique subject identifier, the unique consent receipt key, and the unique transaction identifier in a computer memory using one or more electronic storage means, wherein the computer memory stores a plurality of consent records associated with the unique subject identifier, each of the plurality of consent records being associated with a respective transaction of a plurality of transactions involving the data subject and the entity; electronically associating the unique subject identifier, the unique consent receipt key, and the unique transaction identifier; generating a consent receipt, the consent receipt comprising at least the unique subject identifier and the unique consent receipt key; and transmitting the consent receipt to the data subject. - View Dependent Claims (18, 19)
-
Specification