CORVALIS
Anmelden

Consent Management

How Sophie obtains and manages consent from applicants.

Consent is the basis for GDPR-compliant data processing. Sophie manages this automatically.

Allows basic processing of applicant data.

Granted at:

  • First contact by applicant
  • Application for an apartment

Includes:

  • Storage of contact details
  • Communication via email
  • Review of application

For additional communication channels.

Optional for:

  • WhatsApp communication
  • SMS notifications
  • Phone contact

For processing sensitive documents.

Granted before:

  • Uploading pay slips
  • Uploading credit check
  • Uploading ID card

Automatic Obtaining

  1. First Contact Sophie greets the applicant and informs about data processing.

  2. Confirmation Applicant confirms consent by continuing communication.

  3. Documentation Sophie stores time and type of consent.

For sensitive data, Sophie requests explicit confirmation:

"To fully review your application, we need your credit check. Do you agree that we process this data?"

The applicant responds with yes or no.

In Applicant Profile

  1. Open the applicant
  2. Go to Data Protection
  3. See all granted consents

Overview

Under Settings > Data Protection > Consents:

  • All consents by status
  • Export for documentation

By Applicant

Applicants can revoke consent at any time:

  1. Applicant writes to Sophie: "I revoke my consent"
  2. Sophie confirms revocation
  3. Respective processing is stopped
  4. You are informed

Consequences

Revocation of Basic Consent:

  • Communication is stopped
  • Application cannot continue
  • Data is scheduled for deletion

Revocation of Individual Channels:

  • Only respective channel is deactivated
  • Application continues via other channels

Double Opt-In

For Email Communication

  1. Applicant provides email address
  2. Sophie sends confirmation link
  3. Applicant clicks link
  4. Email is verified

Advantages

  • Legal certainty
  • Protection against spam registrations
  • Proof of consent

Burden of Proof

Sophie documents for each consent:

  • Time (date and time)
  • Type of consent
  • Content of information
  • Channel (email, WhatsApp, etc.)
  • IP address (if available)

Export

Under Settings > Data Protection:

  • Click Export Consents
  • Select period and format
  • Download documentation

Best Practices

  • Regularly check consent status
  • Inform applicants transparently
  • Respect revocations immediately
  • Document all consents