3 Terminology

Terminology used within this specification.

We recognise there are common terms across all ID related Building Blocks (Identity, E-Signature, Consent, Wallet). We define these here.

In addition the following terms are specific to the Consent Building Block.

Configuration

Technical implementation of all the content and process conditions as defined by the Data Policy for Consent Agreement creation, reading, updating and deletion, as well as for providing all necessary actors with the required operations

The agreement to be signed by the Individual and the Data Controller as prescribed by Data Policy, based on which the Data Providing System may transmit the data to the Data Consuming System for the purposes described in the Consent Agreement.

The Consent Record created when an individual signs a consent agreement. It represents a signed consent agreement.

A unique identifier used to locate and verify the validity of the Consent Agreement.

Data Providers

A legal entity that stores and provides access to an Individual's data, which requires the Individual's consent for processing (outside of its primary purpose/location).

Data Consumers

A legal entity that requires the Individual's data from the Data Providers according to the consent of the Individual.

Data Disclosure Agreements (DDAs)

A Data Disclosure Agreement (DDA) exists between two organisations where one organisation acts as a Data Provider and the other as a Data Consumer. The DDA captures how data is shared between the two organisations and what role and obligation each party has.

Data Policy

Is a formal description of the purpose, nature and extent of consent-based Personal Data processing, covering the configuration needs by Data Providing System and Data Consuming System and the conditions defined by law.

Data Processing Auditor

Is an legal entity (a person or an organisation) verifying the legitimacy of Personal Data processing by Data Controllers and Data Processors based on the Data Policies and performed tasks. The entity is not to be confused with a data policy auditor that is independent of the actors involved in the operations of consent management and can engage directly with the Consent BB service operator.

Delegate

The person giving consent (signing Consent Agreement); on behalf of the Individual,

Individual

Is a person about whom the Personal Data is stored in an information system (a.k.a. “Data Subject”) and who agrees or not with the use of this data outside of its primary purpose/location

Legal Entity

See this entry, and related terminology in the ID Common Terminology reference.

Personal Data

Is any information that

(a) can be used to identify the Individual to whom such information relates, or

(b) is or might be directly or indirectly linked to the Individual (ISO(IEC 29100:2024))

please also see common definition of Personally Identifiable Information (PII)

Regulations

Are broadly defined as rules followed by any system: could be laws, bylaws, norms or architectures that regulate a given system. The term and definition is inspired by Lessig’s modalities of regulation.

Last updated 25 days ago

Was this helpful?

hashtagConfiguration

hashtagConsent Agreement

hashtagConsent Record

hashtagConsent Reference

hashtagData Providers

hashtagData Consumers

hashtagData Disclosure Agreements (DDAs)

hashtagData Policy

hashtagData Processing Auditor

hashtagDelegate

hashtagIndividual

hashtagLegal Entity

hashtagPersonal Data

hashtagRegulations