Skip to main content

Allow people to explicitly accept or reject inclusion in some activity, GDPR compliant

Project description

Production/Stable License: AGPL-3 OCA/data-protection Translate me on Weblate Try me on Runbot

This module allows the user to define a set of subjects (partners) affected by any data processing activity, and establish a process to ask them for consent to include them in that activity.

For those that need explicit consent as a lawfulness base for personal data processing, as required by GDPR (article 6.1.a), this module provides the needed tools to automate it.

Table of contents

Installation

You may want to install, along with this module, one of OCA’s mail_tracking module collection, such as mail_tracking_mailgun, so you can provide more undeniable proof that some consent request was sent, and to whom.

However, the most important proof to provide is the answer itself (more than the question), and this addon provides enough tooling for that.

Multi-database instances

To enable multi-database support, you must load this addon as a server-wide addon. Example command to boot Odoo:

odoo-bin --load=web,privacy_consent

Usage

New options for data processing activities:

  1. Go to Privacy > Master Data > Activities and create one.

  2. Give it a name, such as Sending mass mailings to customers.

  3. Go to tab Consent and choose one option in Ask subjects for consent:

    • Manual tells the activity that you will want to create and send the consent requests manually, and only provides some helpers for you to be able to batch-generate them.

    • Automatic enables this module’s full power: send all consent requests to selected partners automatically, every day and under your demand.

  4. When you do this, all the consent-related options appear. Configure them:

    • A smart button tells you how many consents have been generated, and lets you access them.

    • Choose one Email template to send to subjects. This email itself is what asks for consent, and it gets recorded, to serve as a proof that it was sent. The module provides a default template that should be good for most usage cases; and if you create one directly from that field, some good defaults are provided for your comfortability.

    • Subjects filter defines what partners will be elegible for inclusion in this data processing activity.

    • You can enable Accepted by default if you want to assume subjects accepted their data processing. You should possibly consult your lawyer to use this.

    • You can choose a Server action (developer mode only) that will be executed whenever a new non-draft consent request is created, or when its acceptance status changes.

      This module supplies a server action by default, called Update partner’s opt out, that syncs the acceptance status with the partner’s Elegible for mass mailings option.

  5. Click on Generate consent requests link to create new consent requests.

    • If you chose Manual mode, all missing consent request are created as drafts, and nothing else is done now.

    • If you chose Automatic mode, also those request e-mails are enqueued and, when the mail queue is cleared, they will be set as Sent.

  6. You will be presented with the list of just-created consent requests. See below.

New options for consent requests:

  1. Access the consent requests by either:

    • Generating new consent requests from a data processing activity.

    • Pressing the Consents smart button in a data processing activity.

    • Going to Privacy > Privacy > Consents.

  2. A consent will include the partner, the activity, the acceptance status, and the request state.

  3. You can manually ask for consent by pressing the button labeled as Ask for consent.

  4. All consent requests and responses are recorded in the mail thread below.

Bug Tracker

Bugs are tracked on GitHub Issues. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us smashing it by providing a detailed and welcomed feedback.

Do not contact contributors directly about support or help with technical issues.

Credits

Authors

  • Tecnativa

  • initOS GmbH

Contributors

Maintainers

This module is maintained by the OCA.

Odoo Community Association

OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.

This module is part of the OCA/data-protection project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page