This document describes an application profile, in this case Consent (Application Profile). The application profile specifies a semantic data model covering a set of use cases. The specification consists of terms with their constraints (cardinalities, codelists, usage guidelines).
Summary
The application profile Consent shows how terms from the accompanying vocabulary should be used for the exchange and processing of personal data of a person who gave consent to do so.
This application profile is part of the TRAPEZE project, a project financed by the European Commission that delivers a platform as a solution for organisations and citizens, with some concrete objectives on security and privacy. It aims to bring stakeholders together under a common framework to provide citizens with the tools and know-how to manage their security and privacy. It wants to support consent mechanisms and checks that data is used in the right way. The aim is to restore citizens' trust in the digital economy by implementing log integrity, non-repudiation and building data lineage and transparency by design. Concrete applications that must prove their usefulness are worked out for three domains: government, telecom and the financial sector.
Digital Flanders is working together with Solid, which is working on the use of Pods to give citizens back ownership of their personal data. In light of this collaboration we tried to model consent for the use of personal data semantically. The model maximized reuse of, and conformance to, related international standards, such as DPV, GConsent, CCCEV, OSLO Generic etc.
Link to Consent vocabulary: https://purl.eu/ns/consent
Status of this document
This application profile has the status of https://data.vlaanderen.be/id/concept/StandaardStatus/KandidaatStandaard published on 2022-02-23.
Information about the process and the decisions involved in the creation of this specification is available in the registry of standards.
License
This specification of Digitaal Vlaanderen is published under "Model license Free Reuse - v1.0".
Conformance
An implementation is conformant with this application profile if it satisfies these rules.
Overview
This document describes the usage of the following entities for a correct usage of the Application Profile:
- Agent
- Consent
- Criterion
- Data Controller
- Data Processor
- Data Retention
- Data Subject
- Delegation
- Document
- Evidence Type
- Expiry
- Filter
- Given Consent
- Information Required
- Legal Basis
- Minor Data Subject
- Personal Data
- Personal Data Handling
- Processing
- Purpose
- Registered Organisation
- Registered Person
- Right
- Risk
- Third Party
This document describes the usage of the following datatypes for a correct usage of the Application Profile:
- Identifier
- Location
- Period Of Time
Entities
Agent
- Description
- Someone or something that can perform actions or produce an effect.
- Properties
- No properties have been defined for this entity.
Consent
- Description
- Consent of the data subject regarding processing of their personal data
- Subclass of
- Legal Basis
- Properties
- For this entity the following properties are defined: consent document, creation time, for personal data, invalidates, is consent for data subject, is invalidated by, is previous consent for, is provided by data subject, is provided by delegation, is provided to, is provided to controller, location, medium, notice, status.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
consent document | Document | 0..* | A human-readable document of the consent is provided. | | |
creation time | DateTime | 1 | The moment in time at which this specific version of the consent was created. | This moment changes whenever the status of the consent is updated. For example, when a data controller requests a consent, a consent is made with a creation time equal to the moment of the request. When the data subject later gives consent, a new consent is made with a new status (e.g. explicitlyGiven), and the creation time of this consent is equal to the moment at which the data subject granted consent. | |
for personal data | Personal Data | 0..* | The personal data for which the consent was given. | | |
invalidates | Consent | 0..* | A newer version of a consent invalidates a previous version of the consent. | | |
is consent for data subject | Data Subject | 1 | Links a consent instance with the data subject it is associated with. | | |
is invalidated by | Consent | 0..1 | A previous version of the consent is invalidated by a newer version of the consent. | | |
is previous consent for | Consent | 0..1 | Denotes that this consent instance is the previous consent for the specified consent instance. | | |
is provided by data subject | Data Subject | 1 | Indicates that the consent is given by the data subject. | | |
is provided by delegation | Delegation | 1 | Specifies the delegation that provided this consent. | | |
is provided to | Delegation | 1 | Indicates the Person or Data Controller the consent was provided to. | | |
is provided to controller | Data Controller | 1 | The consent that is provided to the data controller. | | |
location | Location | 1 | The location where this specific version of the consent was created. | Similar use as for CreationTime. | |
medium | Medium Type | 1 | The way this specific version of the consent was created. | | |
notice | LangString | 1 | Additional note added to the consent. | | |
status | Consent Status | 1 | Represents the status of consent for the data subject. | This allows persisting the determination of the validity or suitability of consent (as an entity or instance) for use in processing and other activities. Examples: consent is given, consent is requested but not given, consent was withdrawn. | |
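The cardinalities in the table above, and the invalidates / is invalidated by links between versions of a consent, can be checked mechanically before a consent record is relied on for processing. The following is an added example, not part of this specification or of any project code: it uses the table's property labels as plain dictionary keys, and the record identifiers, helper names and the status values other than explicitlyGiven are assumptions made for illustration.

```python
# Dict keys are the property labels of the Consent table (assumption: the
# JSON-LD context may name them differently). Values: (min, max), None = "*".
CARDINALITY = {
    "consent document": (0, None), "creation time": (1, 1),
    "for personal data": (0, None), "invalidates": (0, None),
    "is consent for data subject": (1, 1), "is invalidated by": (0, 1),
    "is previous consent for": (0, 1), "is provided by data subject": (1, 1),
    "is provided by delegation": (1, 1), "is provided to": (1, 1),
    "is provided to controller": (1, 1), "location": (1, 1),
    "medium": (1, 1), "notice": (1, 1), "status": (1, 1),
}

def values(record, prop):
    """Return a property's values as a list (absent property -> empty list)."""
    v = record.get(prop, [])
    return v if isinstance(v, list) else [v]

def cardinality_errors(record):
    """List every property whose number of values violates the table."""
    errors = []
    for prop, (lo, hi) in CARDINALITY.items():
        n = len(values(record, prop))
        if n < lo or (hi is not None and n > hi):
            errors.append(f"{prop}: {n} value(s), expected {lo}..{hi or '*'}")
    return errors

def current_version(consents, start_id):
    """Follow 'is invalidated by' from start_id to the newest consent version.
    Raises ValueError on a dangling link, a one-sided link or a cycle."""
    seen, cid = set(), start_id
    while cid not in seen:
        seen.add(cid)
        newer = values(consents[cid], "is invalidated by")
        if not newer:
            return cid
        if newer[0] not in consents:
            raise ValueError(f"{cid}: invalidated by unknown consent {newer[0]}")
        if cid not in values(consents[newer[0]], "invalidates"):
            raise ValueError(f"{newer[0]} does not list {cid} under 'invalidates'")
        cid = newer[0]
    raise ValueError(f"cycle in the invalidation chain at {cid}")

def make(status, created, links):
    """Build a constructed sample record; all identifiers are placeholders."""
    base = {"creation time": created, "status": status, "notice": "sample",
            "is consent for data subject": "subject-1",
            "is provided by data subject": "subject-1",
            "is provided by delegation": "delegation-1",
            "is provided to": "delegation-1", "location": "location-1",
            "is provided to controller": "controller-1", "medium": "medium-1"}
    return {**base, **links}

# Constructed history: a request, the grant replacing it, a later withdrawal.
# "explicitlyGiven" is the page's example status; the other two are placeholders.
SAMPLE = {
    "c1": make("requested", "2022-02-01T09:00:00Z", {"is invalidated by": "c2"}),
    "c2": make("explicitlyGiven", "2022-02-02T09:00:00Z",
               {"invalidates": "c1", "is invalidated by": "c3"}),
    "c3": make("withdrawn", "2022-03-01T09:00:00Z", {"invalidates": "c2"}),
}
```

Calling `current_version(SAMPLE, "c2")` resolves to `c3`, the withdrawal, so a consumer that only looked at the status of `c2` would treat a withdrawn consent as given.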
Criterion
- Description
- Condition for evaluation or assessment.
- Usage
- Checking the Criterion can require extra info (hence the class InformationRequirement) which in turn can require the class Evidence. A full description of this class is to be found in the CCCEV-ontology.
- Properties
- No properties have been defined for this entity.
Data Controller
- Description
- A Data Controller is defined as "The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data."
- Properties
- For this entity the following properties are defined: can withdraw consent, was provided consent.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
can withdraw consent | Consent | 0..* | Referring to the possibility for a data controller to withdraw the consent. | This should be used in cases where the data controller made a mistake in the consent. To stop the request or make a new one, the controller should first withdraw the previous consent. | |
was provided consent | Consent | 0..* | The consent was provided to the data controller. | | |
Data Processor
- Description
- A ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
- Usage
- A data processor will only be used if the controller is commissioned by the data controller to perform the processing for the data controller.
- Subclass of
- Third Party
- Properties
- For this entity the following properties are defined: identifier, legal name.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
identifier | Identifier | 1..* | Unique method to prove the identity of the Data Processor. | | |
legal name | LangString | 1 | The legal name under which the Data Processor is registered. | | |
Data Retention
- Description
- The policies of persistent data management for meeting legal and business data archival requirements
- Properties
- For this entity the following properties are defined: data retention policy document, expiry date, expiry time, legal basis, live data, processing, start date.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
data retention policy document | Document | 0..* | A human-readable document is provided explaining the data retention requirements related to the consent. | | |
expiry date | DateTime | 0..1 | The date on which the data retention stops. | | |
expiry time | Period Of Time | 0..1 | The duration of the data retention, starting from the start date. | | |
legal basis | Legal Basis | 1 | The legal basis that substantiates the data retention. | | |
live data | Boolean | 1 | States whether the data should be a snapshot (i.e., not live data) or whether the consent requires access to the latest version of the data (i.e., live data). | | |
processing | Processing Type | 0..* | Processing specifies what is happening to/with the data. | | |
start date | DateTime | 1 | The moment in time when the data retention starts. | | |
Data Subject
- Description
- The individual whose personal data is being processed.
- Properties
- For this entity the following properties are defined: can cancel consent, has consent, provided consent.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
can cancel consent | Consent | 0..* | Referring to the possibility for a data subject to cancel a previously given consent. | | |
has consent | Consent | 0..* | Links a data subject to their consent. | | |
provided consent | Consent | 0..* | The data subject is the entity which provided the consent. | | |
Delegation
- Description
- A Delegation of consent occurs when another entity, whether a data subject or their representative or an automated mechanism, provides the consent on behalf of the intended Data Subject.
- Properties
- For this entity the following properties are defined: has consent given by delegate, is consent delegation for, provided consent.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
has consent given by delegate | Agent | 1 | The delegation has been provided by a certain delegate. | | |
is consent delegation for | Data Subject | 0..1 | The delegation is a consent delegation for someone to give consent in the name of the data subject. | | |
provided consent | Consent | 0..* | The entity which provided the consent is the one to whom the consent has been delegated. | | |
Document
- Description
- Document containing detailed information on the identity of the controller, the planned processing operations, the purpose and legal basis and on the measures taken to protect its data.
- Properties
- No properties have been defined for this entity.
Evidence Type
- Description
- Information about the characteristics of an Evidence.
- Usage
- A full description of this class is to be found in the CCCEV-ontology.
- Properties
- No properties have been defined for this entity.
Expiry
- Description
- Specifying when or under which quantifiable condition(s) the consent will expire
- Subclass of
- Criterion
- Properties
- For this entity the following properties are defined: expiry cadance, expiry date, expiry frequency, expiry time.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
expiry cadance | Period Of Time | 0..1 | The time between moments in time when the data may be retrieved for processing. | | |
expiry date | DateTime | 0..1 | The moment in time up to which the data may be processed. | | |
expiry frequency | Integer | 1..* | The number of times the data may be processed. | | |
expiry time | Period Of Time | 0..1 | The duration during which the data may be processed. | | |
Filter
- Description
- A filter added to the personal data to further limit the specifications of the personal data.
- Properties
- For this entity the following properties are defined: period.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
period | Period Of Time | 0..1 | A period of time. | | |
Given Consent
- Description
- Represents a consent entity that is considered given whether implicitly, explicitly, or by delegation.
- Subclass of
- Consent
- Properties
- No properties have been defined for this entity.
Information Required
- Description
- Requested data that is to be proven by Evidence.
- Usage
- A full description of this class is to be found in the CCCEV-ontology.
- Properties
- No properties have been defined for this entity.
Legal Basis
- Description
- The Legal basis used to justify processing of personal data
- Properties
- For this entity the following properties are defined: oSLO:is legal basis for, type.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
oSLO:is legal basis for | Personal Data Handling | 0..* | The legal basis under which the data handling takes place. | | |
type | Legal Basis Type | 1 | The type of legal basis. | | |
Minor Data Subject
- Description
- A Minor is a Data Subject who cannot provide their own consent (that is legally valid). Therefore, their consent must be obtained via a Guardian or Legal Representative or Parent.
- Subclass of
- Data Subject
- Properties
- No properties have been defined for this entity.
Personal Data
- Description
- Any information relating to an identified or identifiable natural person (i.e., the DataSubject).
- Properties
- For this entity the following properties are defined: is personal data for consent, personal data document.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
is personal data for consent | Consent | 1 | Links personal data with the consent it is associated with. | | |
personal data document | Document | 0..* | A human-readable document is provided explaining which personal data is part of the consent. | | |
Personal Data Handling
- Description
- A high-level Class to describe 'data handling'. This can consist of personal data being processed for a purpose, involving entities, using technical and organisational measures, applicable risks, rights, and legal basis.
- Properties
- For this entity the following properties are defined: data handling document, has legal basis, live data, measure, personal data category, personal data type, right, risk.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
data handling document | Document | 0..* | A human-readable document explaining how the personal data will be handled. | | |
has legal basis | Legal Basis | 0..1 | Indicates that the handling of personal data has a legal basis. | | |
live data | LiveData | 1 | States whether the data should be a snapshot (i.e., not live data) or whether the consent requires access to the latest version of the data (i.e., live data). | | |
measure | Technical Organisational Measure | 0..* | Technical measures required/followed when processing data of the declared category. | | |
personal data category | Personal Data Category | 1 | A category of personal data. | | |
personal data type | Personal Data Type | 1 | A type of personal data. | | |
right | Right | 1 | The right(s) applicable, provided, or expected. | | |
risk | Risk | 1 | A risk or possibility or uncertainty of negative effects, impacts, or consequences. | | |
Processing
- Description
- Processing specifies what is happening to/with the data.
- Properties
- For this entity the following properties are defined: involves third party, type.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
involves third party | Third Party | 0..* | Indicates whether a ThirdParty is involved in processing the data or not. | For example the dataProcessor that processes the data on behalf of the DataController. | |
type | Processing Type | 1 | The type of processing. | | |
Purpose
- Description
- Purpose refers to the aim or goal towards which the data is processed (or associated with any other form of action).
- Properties
- For this entity the following properties are defined: type.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
type | Purpose Type | 1 | The type of purpose. | | |
Registered Organisation
- Description
- An organization that is legally registered
- Subclass of
- Agent, Organisation
- Properties
- For this entity the following properties are defined: legal name, registration.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
legal name | LangString | 1 | The legal name of the organisation. | | |
registration | Identifier | 1 | The registration is a fundamental relationship between a legal entity and the authority with which it is registered and that confers legal status upon it. | | |
Registered Person
- Description
- Person whose information is recorded in a register.
- Subclass of
- Agent, Person
- Properties
- For this entity the following properties are defined: full name, registration.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
full name | String | 1 | The full name of the person, in general a combination of the first and last name. | | |
registration | Identifier | 1 | Identification code of the person in the register. | | |
Right
- Description
- The right(s) applicable, provided, or expected.
- Properties
- No properties have been defined for this entity.
Risk
- Description
- A risk or possibility or uncertainty of negative effects, impacts, or consequences.
- Properties
- No properties have been defined for this entity.
Third Party
- Description
- Represents an Agent that is a Person or an Organisation other than the current entity (w.r.t. data protection laws).
- Properties
- No properties have been defined for this entity.
Datatypes
Identifier
- Description
- Information used to uniquely identify an object.
- Usage
- The basic principle here is that this string is assigned by an organisation and that this is done according to a well-defined system.
- Properties
- For this datatype the following properties are defined: attributed at, attributed by, attributed by as string, identifier.
Property | Expects Type | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
attributed at | DateTime | 0..1 | The date on which the identifier was issued. | | |
attributed by | Agent | 0..1 | Link to the Agent that issued the identifier. | | |
attributed by as string | String | 0..1 | Name of the Agent that issued the identifier. | | |
identifier | Literal | 0..1 | String used to uniquely identify the object. | The type of the string refers to the identification system (including its version), the string itself refers to the actual identifier. | |
Location
- Description
- A location can be an identifiable geographic place (ISO 19112), but it can also be a non-geographic place such as a directory, row, or column. As such, there are numerous ways in which location can be expressed, such as by a coordinate, address, landmark, and so forth.
- Properties
- There are no properties defined for this datatype.
JSON-LD context
(non-normative) A reusable JSON-LD context definition for this application profile is retrievable at: /doc/applicationprofile/consent/kandidaatstandaard/2022-02-23/context/OSLO-consent-ap_en.jsonld
SHACL template
(non-normative) A reusable SHACL template for this application profile is retrievable at: /doc/applicationprofile/consent/kandidaatstandaard/2022-02-23/shacl/OSLO-consent-ap_en-SHACL.ttl