Article 6 of the GDPR defines the basis for the processing of personal data of European citizens. The most common basis for application developers is to obtain a valid and informed consent from their end-users. Article 4(11) of the GDPR states that the consent of a data subject must be any freely given, specific, informed, granular, explicit indication of the data subject's agreement for the processing of his or her personal data.
In addition, Data Controllers must be able to prove that data subjects have given their consent lawfully. This means that developers (who either act as Data Controllers, or who develop applications for Data Controllers) need to keep a record of all consents, updates, withdrawals, and be able to demonstrate their compliance if required by the supervisory authority.
If Data Controllers are unable to demonstrate that the data subject has given consent to the processing, they can be fined up to 20M Euros, or up to 4% of the total worldwide annual turnover for the preceding financial year, whichever is higher (Art. 7).
To help developers with this task, Chino.io offers an extremely simple API that ensures compliance with all requirements and eliminates all risks in less than 5 minutes.
With the Chino.io Consent API developers can: