Always get permission from the users before using their personal data. GDPR Consent is the most popular way of taking consent as per the latest privacy and security standards. If you want to take consent from the visitors regarding storing and processing of data as per GDPR guidelines, follow these steps to enable the option.
Click on Settings icon present in the navigation panel
Click on GDPR consent under ‘Chatbot Settings’ tab
Open “Ask consent from” dropdown and select “All visitors”
Provide the content in “Consent content” field that you wish to display to the visitors for getting their consent
Note: We provide a default content to take consent from visitors, which you can always edit or replace with your own.
Change the consent button text as per your requirement
Click on “Save” to finish
This consent will be displayed as soon as any visitor starts the chat or the widget loads. The bot flow will run only when the visitor provides his/her consent.
This is how you can add the GDPR Consent to your chatbot portal. Let us discuss the conditions of the consent that GDPR clarifies.
Consent must be specific: Present the request for consent in a manner that is clearly different from the other matters. Users should clearly understand that the data processing task you mean to carry out is relevant to the subject and you are offering them an opportunity to give their consent for each activity.
If you are using one piece of information for more than one reason to operate a data processing task, you need to ask for consent for all those purposes. For example, if you save their phone numbers for both identity verification and marketing purposes, get their consent for each purpose.
Consent must be freely given: GDPR says that the consent should be freely given. A freely given consent means that you have not restricted the data subject to agreeing to what you are asking for. They should always have an option to say ‘No’. You must get distinct consent for every data processing operation.
For instance, if you need their IP address for website analytics purposes and their email address for marketing purposes, users must get an opportunity to accept or decline each use.
Consent must be informed: Consent needs to be informed which means the data subject knows about the purpose of the data processing, the data processing tasks you intend to conduct, and that they can remove their consent anytime.
The purpose of using their details should be described in simple language. It should not include any technical jargon. Anyone going through that information should be able to know what you’re asking them to give their consent to.
GDPR consent necessities are easy to understand but difficult to implement. Try and integrate them with your business strategy and make sure your company is above board.