Documentation
incode.com
  1. Foundations

User Consent for PII Data

Overview of the types of consent needed for collection of personally identifiable information (PII) and why consent is important.

Properly collecting customer consent and complying with all regional laws and regulations are critical operations for any business. Incode supplies the necessary tools to easily collect and manage consent for customers in all geographic regions (including GDPR-regulated countries). This is a general guide. For the complete set of requirements regarding which types of consent you need to collect and how to collect it, please review your Master Service Agreement (MSA) and contact customer support.

Types of Consent

There are two primary types of consent that Incode requires:

  • Privacy Consent: This is also commonly referred to as user consent. Collection is required for all customers.
  • Machine Learning Consent: This consent stipulates that Incode has gathered the informed consent necessary to anonymize collected user data for the purpose of improving our machine learning models.

Both of these consent types are combined in the Data Sharing Consent module.

Collecting Consent

There are two primary methods for gathering the necessary consent and submitting it to Incode so that it can be stored with a user's identity. Please see your MSA for additional details.

  • Dashboard: Customers can select the Data Sharing Consent module.
    • If you have your own custom consent, you can append Incode's privacy consent to your custom consent so that they are collected simultaneously. Click the preceding link to the Data Sharing Consent module article for instructions.
  • API: If consent is collected prior to performing an onboarding, the collected consent (which must include the required Incode consent) can be uploaded to a session via the API. To upload a consent object to an onboarding session, see the Add User Consent endpoint.

For custom integrations using our SDKs or a completely white-labeled app that only uses our API, the above consent policies must be collected and sent to Incode. Most of our SDKs contain built-in modules; however, if an SDK does not have a built-in module, you can collect the consent via a custom screen and use our API to send the consent to Incode.

Local Laws and Regulations

While Incode provides tools to assist with compliance of local laws and regulations, it is the responsibility of every business to seek legal council and ensure that all local, state, and federal laws are upheld.

Updated about 2 hours ago