Developer forum

Forum » CMS - Standard features » Best practice for managing Consent

Best practice for managing Consent

E-mail notifications
Adrian Ursu Dynamicweb Employee
Adrian Ursu
Reply
Posted on 17/01/2019 15:48:37

Hi guys,

What would be the best practice for setting up a way to manage consent.

Say, a user has created account, then he want to give consent to some activities and decides at a later time that he wants to adjust the consents he already gave.

What would be the best way to implement it?

I see that using forms for editors dfoes not default to the consent already given. It is always initialized unchecked (unless I am missing some setting). It would probably be useful to be allowed to select in Automatic Values, the value of the consent.

What do you think? Is there a better way to do it?

Thank you,
Adrian


Replies

 
Nicolai Pedersen
Posted on 17/01/2019 22:22:07
Reply

Hi Adrian

Not sure there is a best practice - I think you are the one with most experience in the field.

I am not sure that you even need consent when you have users with accounts. That usually means they have some kind of customer relationship or accepted terms of use like you do on Google, FB and others. So I would argue that simple custom checkboxes in this case is more than enough and use the user management module for it.

Also I think it is important to distingues between consents and preferences. What you describe could 'just' be preferences, where the consent handles one or 2 overall situations. But again, if it is known users, you might even not need it.

BR Nicolai

 
Adrian Ursu Dynamicweb Employee
Adrian Ursu
Posted on 18/01/2019 10:19:25
Reply

Hi Nicolai,

I understand that for known users, the constent might not be needed since it can be interpreted as "legitimate interes".

But as for SEO, this falls into the hands of a consultant that might interpret the description of the law differently. I was hoping that the larger audience here might have some feedback on their experience with similar requests. But I guess I might be one of the few dealing with B2C customers :)

I can try to handle it through the Extranet App. But I would rather treat it as a Consent than an Preference.

That being said, is there any way I can recreate Checkboxes for consent activities in the Edit Profile template?

I tried using the Consent.Activity.Id property value on the checkbox Id and Name but that's not working. I guess the only way right now is to use that single checkbox that is usually for Email accept.

Is that right?

Thank you,

Adrian

 
Nicolai Pedersen
Posted on 18/01/2019 10:25:35
Reply

Hi Adrian

I think the greater audience will not have experience with consent and b2c customers as they are not needed. And also I do not understand what it has to do with SEO...?

Anyways - I think you need to code in the template to find consents for existing users and set the checkboxes accordingly - you can also add a notification subscriber to the user edit instead.

Happy coding, Nicolai

 
Morten Bengtson Dynamicweb Employee
Morten Bengtson
Posted on 18/01/2019 11:16:18
Reply
This post has been marked as an answer

Hi Adrian,

In view/edit profile templates you have access to a "Consents" template loop which you can use for rendering the current consent state for all activities.

You can change the consent state for each activity by including input fields to the edit profile form.
The input names must have the "Consent_" prefix followed by the activity id. The value of each input should be "true" (consent given) or "false" (consent withdrawn).

Here is a sample template (also attached):

@inherits Dynamicweb.Rendering.RazorTemplateBase<Dynamicweb.Rendering.RazorTemplateModel<Dynamicweb.Rendering.Template>>
@GetValue("UserManagement:User.FormStart")
 
<h2>Consents</h2>
@foreach (var consent in GetLoop("Consents"))
{
    <div>
        <h3>@consent.GetValue("Consent.Activity.Name")</h3>
        <div>@consent.GetValue("Consent.Activity.Description")</div>
        <div>
            @{ var isConsentGiven = string.Equals("Given", consent.GetString("Consent.Status")); }
            <label><input type="radio" name="Consent_@(consent.GetValue("Consent.Activity.Id"))" value="false" checked="@(!isConsentGiven)" />No</label>
            <label><input type="radio" name="Consent_@(consent.GetValue("Consent.Activity.Id"))" value="true" checked="@(isConsentGiven)" />Yes</label>
        </div>
    </div>
}
 
<button type="submit">@Translate("UpdateConsents""Update consents")</button>
 
@GetValue("UserManagement:User.FormEnd")

Place this template in the template folder /UserManagement/ViewProfile and select it as the edit profile template in the Extranet app.

For advanced scenarios you can make use of @Consents in your razor templates. This will give you an instance of ConsentManager which provides a number of methods for managing consents.

Best regards,
Morten

 

Votes for this answer: 1
 
Adrian Ursu Dynamicweb Employee
Adrian Ursu
Posted on 18/01/2019 11:56:54
Reply

Hi Morten,

Thank you very much for this,. This is Exactly what I needed.

Maybe you can add this information to the documentation?

 

Thank you,

Adrian

 
Morten Bengtson Dynamicweb Employee
Morten Bengtson
Posted on 18/01/2019 12:54:34
Reply

Yes, we will make sure that documentation is updated.

Thanks.

/Morten

 
Morten Bengtson Dynamicweb Employee
Morten Bengtson
Posted on 18/01/2019 14:42:32
Reply

Documentaion for this feature has now been added here:

https://doc.dynamicweb.com/documentation-9/users/gdpr-related/data-processing#8175

 
Adrian Ursu Dynamicweb Employee
Adrian Ursu
Posted on 25/01/2019 13:22:54
Reply

Hi guys,

I have tested the edit consent approach in Extranet.

The update of the consent works fine.

However, I have set Email Allowed to be connected to the Allow Newsletter activity.

I have updated the Consent, and that worked fine, but the Email Allowed on the user is still unchecked.

I guess the binding between Allow Email and the activity consent is just at module level?

Would it make sense to make the connection permanent in the User settings instead of the Extranet Module?

Or standardize somehow this type of newsletter acceptance with a standard activity consent in order to have them always in sync?

The way it works now, if I set this connection between Allow Email and a Newsletter activity and collect the consent for this activity through the Extranet App or through the checkout, if the user is managing all consents in a dedicated page (assuming there are multiple activities to track) withdrawing consent for Newsletter activity will not uncheck the Allow email option on the User.

Does it make sense?

Thank you,
Adrian

 
Nicolai Pedersen
Posted on 25/01/2019 13:27:18
Reply

Hi Adrian

Using consents kind of deprecates "Allow email". Email marketing can handle that.

BR Nicolai

 
Adrian Ursu Dynamicweb Employee
Adrian Ursu
Posted on 25/01/2019 13:55:43
Reply

Hi Nicolai,

Understood. Email allowed made it easier to export users that have accepted communication.

But I will stick with consent and avoid using Email allowed.

Thank you,

Adrian

 

You must be logged in to post in the forum