With the right formulation on the safe side
In the last article on this topic, we have already pointed out the importance of the customer’s declaration of consent for the storage, processing and use of personal data. If it is not available, no personal data may be collected or used for any other purpose in accordance with data protection. This can otherwise be considered a data breach.

That has to be part of it
Above all, the consent of your customers must be clearly recognizable. What does that mean? Your customer must recognize that he gives his consent to the storage and use of his data. For example, the following phrases are recommended by datenschutz.org:

„With my signature, I agree that …“

„I give my consent that …“

„I agree that …“

„By your signature, the privacy statement for [purpose] shown on the reverse is included as part of the application.“

Formally, there are some rules to follow. Thus, the text passages for consent must stand out from other tex passages, whether by bold print, separate paragraph or color highlighting. (§ 4a paragraph 1 sentence 4 Federal Data Protection Act (BDSG)). The signature on the consent form should be included directly on the application so that it can be seen that the signature belongs to this contract. A reference to the voluntary nature of the declaration of consent is also obligatory.

Collection of data is earmarked
Data protection law requires that data may only be collected for a specific predefined purpose. The customer must therefore be able to clearly see in the declaration of consent, for which his data are collected, processed and used. Which data that is must be explicitly recognizable. A passage to the rights of the customer may not be missing either. This informs him of his right to delete, block and correct his data and the right to information and the possibility of revoking the declaration of consent. Does everything sound complicated? Here is a sample illustration.

The consent of the customer you have now. But how do you handle the data? Where are they stored safely? In the next post we explain everything about TOM (technical organizational measures).