Data Model
How the API sees the information
Data Models
Configuration
The diagram below demonstrates how the configuration of permissions are held in the DataGuard Consent & Preference Management application.
NOTE - this is not a comprehensive diagram of all configuration data, it is intended to indicate the overall structure.
Transactions
The diagram below demonstrates how permissions transactions are held in the DataGuard Consent & Preference Management application. Please note this is not a comprehensive diagram of the transactions data.
Permission States
Not all States are suitable with each Lawful Basis in the DataGuard Consent & Preference Management platform. The table below details which states are appropriate with the relevant Lawful Basis.
If an invalid combination is sent within the API an error will be returned.
| Processing Justification | Allowed States | Format |
|---|---|---|
| consent | Granted, Denied, Pending* | 'GRANTED', 'DENIED', 'PENDING' |
| legitimate-interest | Claimed, Objected, Objection Upheld | 'CLAIMED', 'OBJECTED', 'OBJECTION_UPHELD' |
| contract, public-interest, vital-interest, legal-obligation | Claimed | 'CLAIMED' |
Pending Consent State
To support regional regulation which requires a double opt-in flow (e.g. Germany) and to assist customers who wish to add an additional verification step in their consent processes, the platform supports a pending state. This teamed with our double opt-in email flow can provide the end to end capability to ensure citizens cannot be signed up and marketed to by people who simply know or guess their email address.
No Justification
Where no state has yet been recorded, the API will not return any state (null), but the call centre UI will display ‘No Justification’. This value is calculated in the UI.
Expired
There is no Expired state in DataGuard Consent & Preference Management.
When a Valid Until’ date passes, the state in the UI will revert to ’No Justification’ (null) if no other historic transactions can be used to fall back to, or will fall back to the underlying state of applicable permission.
The API will not return a state as standard.
It is possible to return the an inferred state of 'Expired' from the API by setting an additional parameter on the GET query for effective permissions.
For more details on how to return the inferred expired from the API see the Get Effective Permissions section.
Updated almost 2 years ago