I have a question on the consent to process field that needs to be added to the form(s). Does the consent need to be a checkbox? Is it mandatory to be a Boolean?
Would a Select type of field with Yes/No as displayed values and True/False as stored values would work?
Asking this, as we might encounter an issue with implementing the checkboxes on the website.
Thank you,
Emilia
Neither the words "boolean" nor "checkbox" appear in the text of the GDPR, so neither is mandatory.
They're just the most common datatype + form widget to represent true/false values in an HTML page (remember, HTML is not the only context in which consent applies/is managed).
You can use any datatype you want, and any visual presentation, so long as it conforms to underlying legal needs (including timestamping -- true/false itself doesn't include a timestamp).
I went with yes/no rather than boolean true/false on the advice of my team for opt in specifically. GDPR requires that you be clear (they repeat that ad nauseam) and my team felt that an opt out that was a checkbox and an opt in that was a checkbox was unclear. That's just what we decided, it all depends on your lawyers and internal choices of your company.
Hi Christina,
Interesting. But then someone would argue that you are making it more complex than necessary
And also:
opt out that was a checkbox and an opt in that was a checkbox was unclear
The 2 fields are not supposed to be on the same form!
-Greg
Grégoire Michel this is for my subscription center, not my normal forms
For CASL I had opt in checkboxes and an opt out checkbox on my subscription center and that's what some people said caused confusion. To me it was clear "checking the box means yes so either yes I want to opt in or yes I want to opt out", but my UX person said that it was unclear because they did opposite things. #Disagree