The Consent Vault serves as a comprehensive log of interactions between your sites and site users regarding their consent to process their data. This data is securely stored in the Consent Vault for up to seven years.
You can use the Consent Vault to easily view and search the history of all Consent transactions on your site.
Role and Value of the Consent Vault
The Consent Vault plays a vital role in tracking consent activities. It provides a centralized repository for all consent-related data, enabling organizations to:
Demonstrate Compliance: Easily generate reports and audit trails to prove adherence to data privacy regulations.
Enhance Data Governance: Gain control over how user data is processed and used, ensuring compliance with consent preferences.
Build User Trust: Show users that their consent is respected and managed transparently.
Streamline Consent Management: Simplify the process of obtaining, tracking, and managing user consent across various systems.
Facilitate Auditing: Quickly access historical consent records for auditing purposes.
By centralizing consent data, the Consent Vault empowers organizations to proactively manage user preferences and maintain a transparent data environment. This not only helps in meeting regulatory requirements but also in fostering stronger relationships with users based on trust and respect for their privacy.
Accessing and Navigating the Consent Vault
The Consent Vault provides an easy-to-use interface for viewing and searching consent-related data. When you open the Consent Vault page, you have a list of all the most recent actions performed within the last seven days and can see if consent was granted, renewed, or withdrawn.
The vault captures user actions related to the consent of the following types of documents and interactions:
Terms of Service
Privacy Policy
Other Consent Statements
Communication Preferences
When users re-consent, the action is captured and saved to the Consent Vault as a Renewed consent.
New users consent to the active version, which is saved to the Consent Vault as a Granted consent.
Recorded Fields Against Each Consent Record
Once you have found the pertinent consent records, expand them by clicking on the link in the ID column to see specific data regarding the consent.
For each interaction, there is full traceability of the interaction:
Timestamp - The date and time this consent interaction was recorded in the system.
Version - The consent statement version that was active when the action was performed.
Source IP - The IP address from which the API call originated; this may be the client browser or the server that made the API call.
Action - The action that was performed.
Language - The language of the Consent Template that the user consented to.
Login IDs - The Login ID(s) of the user who consented to the agreement.
For more information on recorded fields, refer to the Consent Vault documentation in the SAP Help Portal.
Consent Vault Filters
The Consent Vault offers powerful filtering capabilities to help you quickly find the information you need.
Filters allow you to search for consents by date range, consent type, and action performed.
To narrow your search further, use a Custom Where Clause.
You can expand the list of results using the Date Range filter:
Last 7 Days
Last 30 Days
Last 60 Days
Last 90 Days
Custom - The custom date range must be up to 6 months. If you select a longer time period, an error message will open.
The available Consent filters are:
Consent Type
Terms of Service
Privacy Policy
Communication Consent
Other Statement
Action Performed
Granted
Renewed
Withdrew
Deleted - The user was deleted, so their consent is withdrawn. Note that a separate record is saved for that automatic withdrawal, with the action listed as right to be forgotten.
Not Granted - The user did not grant initial consent to the consent statement the first time it was presented.
Use the Custom Where Clause search if you want more fine-grained results. This functions like our Audit Log and allows you to query the available records using any combination of the following properties in an SQL-like format:
event
uid
apiKey
path
action
docVersion/docDate
tags
callID
Best Practices for Auditing and Reporting Consent Records
To effectively audit and report on consent records using the Consent Vault, consider the following best practices:
Define Clear Audit Objectives: Determine the specific goals of your audit, such as verifying compliance with a particular regulation or identifying potential data privacy risks.
Establish a Regular Audit Schedule: Conduct audits on a regular basis to ensure ongoing compliance.
Use Filters and Custom Queries: Leverage the filtering and search capabilities of the Consent Vault to efficiently identify relevant records.
Document Audit Findings: Keep detailed records of your audit findings, including any identified issues and corrective actions taken.
Generate Reports: Use the Consent Vault data to generate reports that summarize consent trends and compliance status.
Automate Reporting: Use the REST API to automate the generation of reports and integrate consent data into your existing reporting systems.
By following these best practices, organizations can ensure that their consent management processes are robust, transparent, and compliant with relevant regulations. Regular audits and reports provide valuable insights into consent trends and potential areas for improvement.