The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU (source: Wikipedia).
Airlock IAM supports the enforcement of GDPR compliant user consents.
Currently, the following features are available:
- Consent enforcement to access target applications or internal services in IAM (e.g. editing user data)
- Consent enforcement in user self-registration
- Consent management self-service
The decisions of the users are tracked in the audit log and are stored in the database.
Example screenshot asking a user for consents to access a protected service:
Note that Consent Management is only supported for Loginapp Templates 2.0 and relational databases (no LDAP plugins available).
Consent Management requires the license tag "GDPRConsentEnforcement".