...
- the initial receipt is used to create an anchored record for the assertion of data sovereignty by PII Principal
Use the ANCR record to generate a consent receipt by choosing / confirming the legal justification, which represents a consent type and onto of this the legal justification is layered.
** implement this specification choose the receipt type for the legal justification, display the consent label in the receipt and privacy rights information access for the context of processing
The notice receipt is extended by the legal justification for processing
Each type of Notice receipt is defined by a legal justification mapped to a consent type label for human record processing and privacy rights.
The legal justifications are represented generically, and based on those defined in the GDPR and guidelines like those found in Canadian privacy for meaningful consent.
Table 1:
...
Consent Receipt Types for Legal Justifications & Consent Type Labels for Notice Liability Transfer
Consent Paradigm Controls - matching - Privacy Rights to data controls that re specified for data context governance and trust.
...
“Consent is not the only lawful basis for the processing of PII and thus not always required. “ In some jurisdictions, other lawful basis includes The aim of this specification is to modernize the consent exceptions to account for new digital realities that were not anticipated when these laws were originally adopted.
In 29184, generic set of lawful basis are adopted and specified from the GDPR.
consent
contractual necessity,
compliance with legal obligations,
vital interest,
public interest, and
legitimate interests
...