Patterns — consent
Users are more willing to contribute valuable input when they can do so without leaking personal data, or perceive an equal or greater exchange in value either monetarily or socially.
Outsourcing [with consent]
“The controller has to obtain additional specific, informed, explicit, and freely given consent before outsourcing data processing to a third party.“
Sign an Agreement to Solve Lack of Trust on the Use of Private Data Context
Services of a controller may require users to sign contracts that stipulate their obligations and processing purposes for which users must consent to use the service. This ensures that users can trust the controller as it is bound to the contract it signs.
Single Point of Contact
The Single Point of Contact is a security authority who protects the privacy and security of sensitive data stored online by validating the authority of requests and ensuring secure communication channels.
Obtaining Explicit Consent
Controllers require consent to be given willingly and specifically when in any way processing the personal data of their users.
A crucial element in privacy protection is ensuring that all sensitive processing is preceded by the acquisition of freely given, informed, specific, and explicit consent.
Informed Consent for Web-based Transactions
This pattern describes how controllers can inform users whenever they intend to collect or otherwise use a user's personal data.