Skip to main content

Request user consent

Requirement#

The system must request the user's consent whenever it will collect any information about them or their actions. This consent should not be requested before informing the user about the types of data that will be collected and the purpose for which they will be processed.

Description#

Systems usually request information from their users or collect it based on their interactions with the application. Regulations demand that none of these collections occur without the user's consent, that this consent be demonstrable afterwards and that it only be requested after having informed the user of the types and purposes of data collection. Therefore, consent must always be requested in a clear manner and using easily understandable language before collecting any personal information.

References#