Hi @thebulgarian,
Let’s start with the long reads; https://complianz.io/definition/what-is-proof-of-consent/ & https://complianz.io/user-consent-registration/
For the shorter version.
1. The user will do a request, most likely to be informed on how and when consent was processed. The date and categories are stored in the user’s browser. On request, you can ask for these details, as you did not register personal data like an IP address. For data minimization principles, the less your store, the better.
If the user sends the needed details, you can use the Proof of Consent document which relates to the date to show how consent management was configured, and based on the categories in their browser which cookies were accepted.
1.1 The values in the cookies will be either, set – deny or allow. cmplz-choice, for example, will show when the last choice has been configured, this has a value “set”.
2. If someone does not want to be cooperative during this process, it will also be hard to get an IP address or a specific User ID which could be stored in a cookie as well. The problem with an IP address for example is that they are mostly dynamic and not directly identifiable without context. If the user doesn’t provide context, it’s hard to prove anything.
In this case, by GDPR guidelines, showing the technical implementation and configuration of a consent management tool is sufficient to prove the consent of the end-user.
In the proof of consent that can be shared with the user, there’s a hyperlink to an online manual that explains what they’re reading and how it works.
Hope this helps,
regards Aert
