Centralized GDPR Consent & Subject Request Management

mConsent can be easily integrated into heterogeneous IT environment with minimal impact on existing systems and processes, with fine grained control of subject’s consents and requests.

Centralized customer consent information store Since personal data is usually stored in different IT systems and subject is serviced through different channels, by using underlying MDM mechanism mConsent can bring new value to the IT landscape, offering 360⁰ insight into customer consents and services. It merges customer account and consent data received from interconnected systems and ultimately attach consent instances to any level of customer hierarchy.

  • Easy integration into heterogeneous customer data environment
    • Minimal impact on existing IT systems
    • Customer hierarchy creation with 360 view using MDM mechanisms
  • Customer consents storage on multiple hierarchy levels
    • Enables customer and micro consents
  • Centralized consent mastering and administration
  • Configurable definition of consents, groups and attributes with communication channels
    • Consents by purpose, duration, priority …
  • APIs for customer consent display and administration on different channels
    • CRMs, self-care, mobile apps …
  • Real time and batch consents evaluation engine
    • Used by external processing systems (Campaign management, DWH …)
  • Configurable Subject Request process implementation
  • Built in graphical reporting with actuals and trends

Consent evaluation engine

Consent evaluation engine can calculate consent status in real-time or through batch requests by evaluating consent instances on different hierarchy levels. Through exposed set of API’s, administration of customer consents becomes available for any front-end communication channel. External processing systems (Campaign management, DWH, etc.) can also access consent status information for each subject and purpose.

Consent configuration options enable enterprise to tailor consents for specific purposes and business requirements. Through GUI, business user can define range of consents with unlimited number of attributes, organize them into hierarchies and groups by purpose and for specific communication channels. Attributes can be used to customize consent display in front end systems (to display additional fields required by consent, or for definition of specific consent rules (limited number of uses, explicit or implicit expiration time, purpose, or combination of rules).

Consent evaluation engine can be configured to calculate consent status for each subject in line with specifics of any industry. By using sum and subtraction operations on different consent levels (Customer ID, Contract, Service and Contact), consent match & merge mechanism (different consents for the same individual, given for different contracts/services), or priority order.

Administration of customer consents (add, update or delete consent, consent activation / deactivation, attribute update, priority change, etc.) is available in mConsent GUI. Also, it can be performed on any existing front end application through mConsent form SSO integration, or by using available API services.

Integration with applications in a complex and distributed enterprise business environment is enabled by set of API’s (SOAP/XML, REST protocols, etc.). This way, customer hierarchy data replication is enabled through real-time plug-in into existing customer replication flows or batch updates, eliminating the need for legacy customer data system changes.


By using customizable query forms with the configurable criteria and filters it is easy to configure the reports according to business needs, based on number of given or withdrawn consents, by consent items/forms, consent channels, customer type, time period, etc.

GDPR Subject Requests management

All types of GDPR Subject Requests (Right to be forgotten, Data Access, Rectification, Data Portability, etc.) can be managed by mConsent solution. Subject request can be entered and initiated directly in mConsent GUI or at Front End systems and then submitted to mConsent module using API’s. mConsent centralizes and atomizes processes execution using workflows tailored to each company specific processes and IT landscape.

Execution is fully configurable through definition of execution steps (manual and automatic), preconditions that must be fulfilled and actions to be executed in GDPR related systems. Full audit history and visualization, with drill down capability, enables consistent monitoring of request execution.