PRI-03—Choice & Consent
Weight: 7
>Control Description
Mechanisms exist to enable data subjects to authorize the collection, receiving, processing, storage, transmission, sharing, updating and/or disposal of their Personal Data (PD), where prior to collection the data subject is provided with:
(1) Plain language to illustrate the potential data privacy risks of the authorization;
(2) A means for users to decline the authorization; and
(3) All necessary choice and consent-related criteria required by applicable statutory, regulatory and contractual obligations.
>Cross-Framework Mappings
China Cybersecurity Law
India DPDPA
Saudi Arabia PDPL
SOC 2 TSC (Detailed)
45 CFR 155.260
HIPAA Simplification 2013
Texas CDPA
Virginia CDPA
Ask AI
Configure your API key to use AI features.