Consent Information

Overview

The purpose of this document, is to detail two subjects mentioned in the GDPR Regulation document, namely the Legal Processing and the Legal Rights of the Data Subject. The essence of these two subject, are that in order to process personal information of the data subject, there has to be lawful basis for doing so, such as the establishment of a consent contract, and also that the data subject has to be informed of its legal rights. Both of these are required to be fulfilled prior to committing personal information to the system, and therefore it is optimal to ensure that both of these are ensured at the same time, such as during sign-up.

Requirements and maintenance

These requirements can be fulfilled by means of a consent-contract, with information about:

  • Contact information about the data-controller
  • Purpose of processing personal information
  • Categories of personal information
  • How personal information is retrieved
  • How long person information is contained in the system and how it is deleted
  • General rights of the data-subject

This document is based on a template provided by Datatilsynet, with intention of being visible to the data-subject at any time. This is also the reason why it is provided in Danish, such that it can be integrated as part of the application.

The consent contract should be continuously maintained, which means updating it given any changes to the processing of personal information, which would also require a new acceptance of the consent contract from the data-subject. The changes that would trigger an update, are equivalent to those described in the document Processing Activity Record Information.

The consent-contract is provided as a separate document.


Last update: December 12, 2023