Capture and document the consent you need to comply with GDPR.


the place of origin or earliest known history of something.

How is consent defined? It’s freely given and fully informed permission granted to a company to have and use an individual’s personal information. Consent is required for any company to contact and communicate with an individual.

Individuals can give consent for communication in many ways, for example:

  • subscribing to a newsletter
  • requesting a quotation
  • requesting a free sample
  • signing up for more information about a product or service
  • booking a demo or a test drive

In every instance, the individual would have to consent for the company to have their information, and to communicate with them for that purpose (to send the email newsletter, to deliver the free sample and so on).

What does the GDPR say about it? The GDPR states that where “processing is based on the data subject’s consent, the controller should be able to demonstrate that the data subject has given consent to the processing operation.”

This means that data controllers must have documented proof that the individual consented to providing their data, and gave their permission for it to be used for the stated purposes. Any instance where an individual gives their consent to a company to use their personal information, for marketing or any other activity, the evidence and proof of consent must be documented by that company.

In practical terms, this means that you must have a means to document consent when it is given.

Often, depending on the scope of the marketing, companies are capturing personal information from many sources, all the time. You could be capturing it on forms on your company’s website (on-domain), on third party forms (what we call off-domain), getting consent provided over the phone in a call centre, even on paper forms in shops and venues.

Complying with this part of the regulation is a potentially huge challenge, for many brands and publishers.

This is made even more difficult when internal barriers exist, such as a basic reluctance to change, a lack of budget, a lack of knowledge about the regulation and its practical implications, and a belief that it’s just ‘not my remit’ to undertake changes to comply with GDPR.

Provenance will enable companies to document proof of consent, easily, cost effectively and fast.

We can get you up and running with a form and documentation of consent in under a week.

Provenance works in the following common touchpoints where companies get consent from customers:

  • Online – Landing Page/Website
  • Call centre – Inbound/Outbound
  • In-store – with incentives such as limited time offers and coupons

Along with capturing the personal information that the user submits to the form, Provenance will capture the terms and conditions and privacy policy that the individual consented to. A version control applies on these documents so that when you update your terms or privacy, Provenance takes note of it, and makes sure that the correct version is applied to each record.

To help prevent fraud and provide further proof of submission, screenshots of the individual’s interactions with the form are taken and stored, along with metadata from the device.

Where you are getting consent over the phone, you need to be able to prove it, and easily locate the evidence in the event of a query or complaint.

Provenance allows companies to link call centre recordings of conversations with the individual to the data record, as well as the call centre script in use at that time to prove that the consent was informed and freely given.

It is not uncommon for companies to gather people’s personal information while they’re on the premises by using cards and paper forms.

With GDPR, this approach will not be compliant, in addition to being a big security risk. However, getting signups from customers while they’re in-store is an excellent lead generation opportunity.

Provenance enables companies who have customer footfall to capture consent using company devices securely, compliantly and have the data delivered straight into their CRM/nurturing process for follow up. The privacy policy and terms and conditions in use are captured, as well as a signature if the company requires it as further evidence of consent.

If you wish to talk to one of our team about ways in which you can get in-store sign ups using incentives, just fill out the form opposite and we’ll be in touch. LolaGrove can power voucher/coupon delivery, process double opt-ins and enable inter-store staff incentive schemes.

The sooner you can get it done the better, because that way you’ll have more consented data to be able to communicate with by May 2018, when GDPR comes into force.

If you are an existing LolaGrove customer, simply speak to your main point of contact about getting Provenance switched on for your existing campaign. It will cost just 10p per processed record to apply Provenance to your existing activity.

If you are not yet a LolaGrove customer, simply fill out the form opposite and a member of the team will get in touch to find out about your requirements.

If you would like to learn more, or are interested in applying Provenance to your lead capture activity, fill out the form below and a member of the team will be in touch