Why are checkboxes the gold standard in privacy consent? We'll show you why you should use checkboxes on your site and where they work best. Stick around for some examples of sites that make the most of this type of consent mechanism and see how you can do the same.
Why You Should Use Checkboxes for Consent
Consent is the hot topic of the day, and new laws like the General Data Protection Regulation (GDPR) now require data controllers and processors to have the consent of data subjects before they even collect certain types of data for processing.
Before 2018, consent was murky business in the digital world. A common way of getting consent was by relying on implied consent: "If you use my site, then you automatically agree to my rules." Implied consent doesn't work anymore.
The GDPR out of the EU created new and reinforced old rules about the way we accept consent to agreements, and consent mechanisms around the world have changed accordingly.
When it comes to consent, the GDPR continues to be precise in its wording:
If you want to meet the standards of valid consent, the consent data subjects provide needs to be:
- Informed and unambiguous
- Come in the form of a statement of clear affirmative action
Privacy laws require clear consent, and that means no more browsewrap.
- Answer a few questions about your business:
- Enter the country and click on the "Next Step" button:
Clickwrap not only keeps you compliant with privacy laws like the GDPR, but it's just better for business. Thanks to clear, specific, and informed consent, a clickwrap agreement is legally enforceable whereas a browsewrap one rarely holds up in a dispute.
How to Use Checkboxes Around Your Site
Checkboxes offer an opportunity to comply with the law and ensure you only collect data from people who freely give their informed consent. Data provided happily by your visitors is far more valuable than what you might otherwise collect through less transparent means. Why? Visitors who freely hand over their data want something from you and offer more value to your data processing.
- Account registration forms
- Checkout/payment processing pages
- Email signup forms
- Contact forms
Why do they work better than other places? These are all places where you're guaranteed to be collecting at least one piece of legally-protected information (such as an email address, name, or financial information), and thus obtaining consent here is contextually important.
Let's look at each of these places in greater detail.
Account Registration Forms
Snappa does the same thing on its account registration pop-up form.
Checkout/Payment Processing Pages
Note that these companies link to their respective Privacy Policies for maximum transparency. Doing so gives users a chance to review on their own terms before completing a transaction.
Email Sign-up Forms
You have a few options here.
Alternatively, you can add multiple mechanisms, which you may find beneficial given the nature of email and email marketing.
His checkbox works because it's very transparent. It clearly declares that he needs emails to deliver prizes, but he is also transparent about using the contest to add to his email funnel. Plus, the checkbox needs to be ticked to enter the contest, so he won't capture any data he shouldn't have.
Breaking your checkboxes down in a granular way is a good idea and helps you stay in compliance with some strict privacy laws like the GDPR. It also gives your users more options, which of course they appreciate.
The European Tourism Association uses a checkbox on its contact form. Using the "I agree" checkbox here not only legitimizes the contact form as a GDPR-compliant lead gathering tool, but it also forces the data subject to reckon with the idea that the ETOA will contact them if they submit the form:
Checkboxes Confirm Consent
Remember, new data privacy rules come with hefty fines, so doubling up on consent mechanisms serves both your visitors and your bottom line.