toestemmingslog

Toestemmingslog is a record-keeping tool used by organizations to document consent from individuals for the processing of personal data. Such logs are commonly maintained to demonstrate compliance with data protection legislation, including the European Union's General Data Protection Regulation (GDPR) and its Dutch implementation (AVG). The log records when consent was obtained, what it covers, and that the user was informed of the purposes, data categories, and retention terms. It also notes how the consent was obtained (for example via a banner, checkbox, or consent notice), the version of the privacy notice, and the status of consent (given or withdrawn).

Typical content includes: user identifier (often pseudonymized), timestamp, purposes for processing, data categories, method of consent,

Legal and governance considerations include that consent logs must be accurate, auditable, and up to date, especially