Fluid Attacks logo
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us

REQ.310 Request user consent

This document contains the details of the security requirements related to the management and protection of data privacy in the organization. This requirement establishes the importance of requesting the user's consent whenever their data will be collected.


The system must request the user’s consent whenever it will collect any information about them or their actions.


Systems usually request information from the users or collect it based on their interactions with the application. Regulations demand that none of these collections occur without the user’s consent and that this consent be demonstrable afterwards. Therefore, consent must always be requested in a clear manner and using an easy to understand language before collecting any personal information.


  1. GDPR. Art. 7: Conditions for consent.(1). Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data.

Service status - Terms of Use