This document describes an application profile, in this case Consent (Application Profile). The application profile specifies a semantic data model covering a set of use cases. The specification consists of terms with their constraints (cardinalities, codelists, usage guidelines).
Summary
This application profile explains how terminology about consent should be used. By consent we mean the consent that is required from a person to process his personal data.
Almost all the necessary terms come from an existing ontology about processing personal data, namely the Data Privacy Ontology (DPV). Some additional terms were also defined as can be seen in the vocabulary associated with this application profile.
Although DPV is broader and also considers other legal bases, it pays special attention to consent given the importance of this concept when exchanging personal data.
The terminology in DPV is largely based on that in the GDPR but would allow for other similar legislation. See DPV-GDPR for further restriction to GDPR concepts.
This profile was developed as part of TRAPEZE, a project financed by the European Commission to provide citizens with tools to manage their security and privacy. This concurs with the objective of the Solid project to which Digital Flanders contributes and which aims to give citizens back the ownership of their personal data. Hence the need to semantically model consent.
The application profile combines two versions of DPV: the OWL-version for classes, attributes and associations and the SKOS-version for enumerations.
The central class is, of course, Consent.
Consent is requested by a DataController for the Processing of PersonalData of a DataSubject.
For the Consent to be given, the DataSubject needs to be informed by a ConsentNotice of the Purpose and the kind of Processing that is involved. Consent can have a limited Duration.
The model involves a class PersonalDataHandling to group all aspects of the processing of the data for which the DataSubject should give his Consent. Apart from the kind of PersonalData, the Purpose and type of Processing and the DataProcessor and/or possible Recipient, the Risks involved and the Rights of the DataSubject can be documented, as well as the Technical or Organizational Measures that were taken to ensure the data privacy and security.
Status of this document
This application profile has the status of https://data.vlaanderen.be/id/concept/StandaardStatus/KandidaatStandaard published on 2022-11-01.
Information about the process and the decisions involved in the creation of this specification can be consulted at the registry of standards.
License
This specification of Digitaal Vlaanderen is published under "Model license Free Reuse - v1.0".
Conformance
An implementation is conformant with this application profile if it satisfies these rules.
Overview
This document describes the usage of the following entities for a correct usage of the Application Profile:
- Agent
- Consent
- ConsentNotice
- DataController
- DataProcessor
- DataSubject
- Entity
- LegalBasis
- LegalEntity
- Organisation
- Person
- PersonalData
- PersonalDataHandling
- Processing
- Purpose
- Recipient
- Registered Person
- RegisteredOrganisation
- Right
- Risk
- StorageCondition
- StorageDuration
This document describes the usage of the following datatypes for a correct usage of the Application Profile:
- Duration
- Identifier
- Location
Entities
Agent
- Description
- A resource that acts or has the power to act.
- Subclass of
- Entity
- Properties
- No properties have been defined for this entity.
Consent
- Description
- Consent of the DataSubject for the specified Processing of their PersonalData.
- Usage
- REMARK: The name of this class does not imply that Consent has been given or is valid. This depends on the value of attributes like hasConsentStatus and others.
- Subclass of
- LegalBasis
- Properties
- For this entity the following properties are defined: hasConsentStatus, hasDataSubject, hasDuration, hasIndicationMethod, hasLocation, hasNotice, isIndicatedAtTime, isIndicatedBy.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
hasConsentStatus | ConsentStatus | 1 | Specifies the state or status of consent. | Examples are: ConsentRequested, ConsentGiven, ConsentWithdrawn etc. | Link |
hasDataSubject | DataSubject | 1 | Indicates the association of the Consent with a DataSubject. | | |
hasDuration | Duration | 0..1 | Indicates information about the Duration of the Consent. | For example to indicate how long the Consent is valid (eg 6 months), or until what time (eg 31 December 2022) or until which event (eg account closure). | |
hasIndicationMethod | IndicationMethodType | 0..1 | Way in which the current state of Consent was realized. | Eg for a state equal to GivenConsent, whether the Consent was given in an analogue or electronic way and, if electronic, for example by DigitalTickbox or DigitalSignature or other. | |
hasLocation | Location | 1 | Location where this stage of the Consent was created. | To be updated when the ConsentStatus changes. | |
hasNotice | ConsentNotice | 0..* | Reference to the applied or used ConsentNotice. | | |
isIndicatedAtTime | DateTime | 1 | Moment when this stage of the Consent was created. | To be updated when the ConsentStatus changes. | |
isIndicatedBy | Entity | 0..1 | Entity that is responsible for this stage of the Consent. | Eg the DataController if the status is ConsentRequested or the DataSubject for a ConsentGiven. To be updated when the ConsentStatus changes. REMARK: Required in case of Consent by delegation, such as in the case of a parent or a guardian responsible for providing or affirming Consent. Can be omitted if the referenced entity is identical to the DataSubject. | |
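The cardinalities in the table above can be enforced before a Consent record is relied on. The following is an added example, not part of the specification or its SHACL template: it assumes a Consent is held as a Python dict keyed by the property names above, and the sample identifiers (`ex:...`) are constructed.

```python
# Cardinalities copied from the Consent property table: (min, max); None = unbounded.
CONSENT_CARDINALITY = {
    "hasConsentStatus": (1, 1),
    "hasDataSubject": (1, 1),
    "hasDuration": (0, 1),
    "hasIndicationMethod": (0, 1),
    "hasLocation": (1, 1),
    "hasNotice": (0, None),
    "isIndicatedAtTime": (1, 1),
    "isIndicatedBy": (0, 1),
    # Inherited from LegalBasis, of which Consent is a subclass.
    "hasPersonalDataHandling": (1, 1),
}


def _values(record, prop):
    """Return the values of a property as a list (absent -> [], scalar -> [v])."""
    value = record.get(prop)
    if value is None:
        return []
    return list(value) if isinstance(value, (list, tuple)) else [value]


def cardinality_violations(record):
    """List every property whose number of values falls outside the profile's range."""
    problems = []
    for prop, (low, high) in CONSENT_CARDINALITY.items():
        count = len(_values(record, prop))
        if count < low or (high is not None and count > high):
            bound = f"{low}..{'*' if high is None else high}"
            problems.append(f"{prop}: {count} value(s), expected {bound}")
    return problems


def permits_processing(record):
    """A Consent record supports processing only when it is well-formed and its
    status is ConsentGiven; the class name alone does not imply valid consent."""
    if cardinality_violations(record):
        return False
    return _values(record, "hasConsentStatus") == ["ConsentGiven"]


# Constructed sample records (identifiers are made up for illustration).
GIVEN = {
    "hasConsentStatus": "ConsentGiven",
    "hasDataSubject": "ex:subject-1",
    "hasLocation": "ex:web-portal",
    "hasNotice": ["ex:notice-v1", "ex:notice-v2"],
    "isIndicatedAtTime": "2022-11-01T10:00:00Z",
    "hasPersonalDataHandling": "ex:handling-123",
}
WITHDRAWN = dict(GIVEN, hasConsentStatus="ConsentWithdrawn")
INCOMPLETE = {k: v for k, v in GIVEN.items() if k != "isIndicatedAtTime"}
AMBIGUOUS = dict(GIVEN, hasConsentStatus=["ConsentGiven", "ConsentWithdrawn"])
```

A record with a missing timestamp or two conflicting statuses is rejected outright rather than being read as consent.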
ConsentNotice
- Description
- A Notice for information provision associated with a Consent.
- Usage
- This is to inform the Data Subject before his Consent can be obtained. To be substituted by a String, URL or Document referencing the actual Notice.
- Properties
- No properties have been defined for this entity.
DataController
- Description
- The individual or organisation that decides (or controls) the purpose(s) of processing the PersonalData.
- Usage
- The term 'Controller' is usually the more common form of indicating a DataController. In ISO/IEC the term 'PII Controller' is used.
- Subclass of
- LegalEntity, Agent
- Properties
- No properties have been defined for this entity.
DataProcessor
- Description
- A 'processor' means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the DataController.
- Subclass of
- Agent, LegalEntity
- Properties
- No properties have been defined for this entity.
DataSubject
- Description
- The individual (or category of individuals) whose PersonalData is being processed.
- Usage
- The term 'data subject' is specific to the GDPR, but is functionally equivalent to the term 'individual' and the ISO/IEC term 'PII Principal'. REMARK: Can also be instantiated as a category, eg PersonalDataHandling123 for DataSubject(s) of type Customer.
- Subclass of
- LegalEntity, Person
- Properties
- For this entity the following properties are defined: type.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
type | DataSubjectType | 0..1 | Type of DataSubject. | For example age-based types like Adult, Child or domain-based ones like Patient, Employee or jurisdictional roles like Citizen, Immigrant. | Link |
Entity
- Description
- A human or non-human 'thing' that constitutes as an entity.
- Usage
- To be used as an abstract superclass and to be substituted by an Agent like a Person or Organisation and/or a LegalEntity like a DataSubject, DataController etc.
- Properties
- For this entity the following properties are defined: hasRelationWithDataSubject.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
hasRelationWithDataSubject | DataSubject | 0..* | Indicates the relation between the Entity and a DataSubject. | Typically used in case of Consent by delegation, ie to specify that the Entity that indicated the Consent is related to the DataSubject. The kind of relationship is implied by the types of DataSubject and Entity (typically Child and Parent/Guardian of DataSubject respectively). | |
LegalBasis
- Description
- The legal basis used to justify the Processing of the PersonalData.
- Usage
- REMARK: This profile focusses on one kind of Legal Basis, namely Consent. REMARK: DPV provides the possibility to use LegalBasis as a category, eg the LegalBasis of PersonalDataHandling123 is Consent.
- Properties
- For this entity the following properties are defined: hasPersonalDataHandling.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
hasPersonalDataHandling | PersonalDataHandling | 1 | Indicates the association with the PersonalDataHandling. | | |
LegalEntity
- Description
- A human or non-human 'thing' that constitutes as an entity and which is recognised and defined in law.
- Usage
- Superclass of entities like Data Subject, DataController etc, ie roles with legal importance in the GDPR.
- Subclass of
- Entity
- Properties
- No properties have been defined for this entity.
Organisation
- Description
- A number of people organized into a community or other social, commercial, or political structure.
- Properties
- No properties have been defined for this entity.
Person
- Description
- A natural person.
- Properties
- No properties have been defined for this entity.
PersonalData
- Description
- Data directly or indirectly associated or related to an individual.
- Usage
- This definition of personal data encompasses the concepts used in GDPR Art.4-1 for 'personal data' and ISO/IEC 2700 for 'personally identifiable information (PII)'.
- Properties
- For this entity the following properties are defined: liveData, type.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
liveData | LiveDataType | 1 | Indicates how current the data is. | Eg if the data is from a snapshot or if it is up-to-date. | |
type | PersonalDataType | 1 | Type of PersonalData. | Examples from the DPV codelist are based on the source of the data (like Derived, Inferred, Observed) or on their sensitivity or other. REMARK: More thematic categories can be found in the DPV Extended Personal Data concepts codelist. | Link |
PersonalDataHandling
- Description
- A high-level Class to describe 'data handling'. This can consist of PersonalData being processed for a Purpose, involving Entities, using TechnicalOrganisationalMeasures, applicable Risks, Rights, and LegalBasis.
- Usage
- REMARK: DPV uses the term 'data handling' to distinguish between the general meaning of processing (eg collect PersonalData from DataSubject123 by DataController456 for the Purpose of marketing) versus the operations performed with the data (eg consult, share etc).
- Properties
- For this entity the following properties are defined: has Technical Organisational Measure, hasDataController, hasDataProcessor, hasDataSubject, hasLegalBasis, hasPersonalData, hasProcessing, hasPurpose, hasRecipient, hasRight, hasRisk.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
has Technical Organisational Measure | TechnicalOrganisationalMeasure | 0..* | Indicates the use or applicability of a Technical Organisational Measure. | Refers to the type of the Technical Organisational Measure that has been taken to protect the PersonalData. Examples of TechnicalMeasures are Anonymisation, Encryption, WebSecurityProtocols. OrganisationalMeasures could be measures like ConsentNotices, Privacy Notices, CredentialManagement. | Link |
hasDataController | DataController | 1 | Indicates the association with the DataController. | | |
hasDataProcessor | DataProcessor | 0..* | Indicates the inclusion or applicability of a DataProcessor. | | |
hasDataSubject | DataSubject | 1..* | Indicates the association with the DataSubject. | | |
hasLegalBasis | LegalBasis | 1..* | Indicates the use or applicability of a LegalBasis. | | |
hasPersonalData | PersonalData | 1..* | Indicates the association with the PersonalData. | | |
hasProcessing | Processing | 1..* | Indicates the association with the Processing. | | |
hasPurpose | Purpose | 1..* | Indicates the association with the Purpose. | | |
hasRecipient | Recipient | 0..* | Indicates the Recipient of the PersonalData. | | |
hasRight | Right | 0..* | Indicates the use or applicability of a Right with the PersonalDataHandling. | | |
hasRisk | Risk | 0..* | Indicates the applicability of a Risk associated with the PersonalDataHandling. | | |
Processing
- Description
- The processing performed on the Personal Data.
- Properties
- For this entity the following properties are defined: hasStorageCondition, type.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
hasStorageCondition | StorageCondition | 0..1 | Indicates information about the storage of the PersonalData. | | |
type | ProcessingType | 1 | Type of Processing. | Refers to the kind of operation that is performed on the PersonalData. Examples are Collect, Disclose, Share. | Link |
Purpose
- Description
- The purpose of processing the PersonalData.
- Properties
- For this entity the following properties are defined: type.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
type | PurposeType | 1 | Type of Purpose. | Refers to the reason or justification for the PersonalDataHandling. Examples in the context of Consent are Marketing, Personalised Advertising, Commercial research. | Link |
Recipient
- Description
- Entity that receives the PersonalData.
- Usage
- A Recipient of Personal Data can be used to indicate any Entity that receives the data. This can be a Third Party, Processor (GDPR), or even a Controller.
- Subclass of
- Agent, LegalEntity
- Properties
- No properties have been defined for this entity.
Registered Person
- Description
- Person whose information is recorded in a register.
- Subclass of
- Person, Agent
- Properties
- For this entity the following properties are defined: fullName, registration.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
fullName | String | 1 | The full name of the person, in general a combination of the first and last name. | | |
registration | Identifier | 1 | Identification code of the person in the register. | | |
RegisteredOrganisation
- Description
- An organization that is legally registered.
- Subclass of
- Organisation, Agent
- Properties
- For this entity the following properties are defined: legalName, registration.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
legalName | LangString | 1 | The legal name of the organisation. | | |
registration | Identifier | 1 | The registration is a fundamental relationship between a legal entity and the authority with which it is registered and that confers legal status upon it. | | |
Right
- Description
- The right(s) applicable, provided, or expected.
- Usage
- A 'right' is a legal, social, or ethical principle of freedom or entitlement which dictates the norms regarding what is allowed or owed. Rights as a concept encompass a broad area of norms and entities, and are not specific to individuals or Data Protection / Privacy. REMARK: For individual specific rights, see DPV:DataSubjectRight and EU Fundamental Rights.
- Properties
- No properties have been defined for this entity.
Risk
- Description
- A risk or possibility or uncertainty of negative effects, impacts, or consequences.
- Usage
- Risks can be associated with one or more different concepts such as Purpose, Processing, PersonalData, TechnicalOrganisationalMeasures. REMARK: More info on this class in DPV-Risk.
- Properties
- No properties have been defined for this entity.
StorageCondition
- Description
- Conditions required or followed regarding storage of data.
- Usage
- When the type of Processing is 'store', subclasses of this abstract class allow the duration, location etc of the storage to be specified.
- Properties
- No properties have been defined for this entity.
StorageDuration
- Description
- Duration or temporal limitation on the storage of the PersonalData.
- Subclass of
- StorageCondition
- Properties
- For this entity the following properties are defined: hasDuration.
Property | Expected Range | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
hasDuration | Duration | 1 | Indicates information about the Duration of the storage. | For example how long the data is stored (eg 6 months), or until what time (eg 31 December 2022) or until which event (eg account closure). | |
Datatypes
Duration
- Description
- The duration or temporal limitation.
- Usage
- REMARK: The details of this class can be provided by using the Time Ontology according to the type of Duration. Eg if the type is DPV:TemporalDuration one could add an OWL-TIME:TemporalEntity as an additional type and hasXSDDuration as an attribute.
- Properties
- We have defined the following properties for this datatype: type.
Property | Expects Type | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
type | DurationType | 0..1 | Type of Duration. | Examples are TemporalDuration (eg 6 months), UntilTimeDuration (eg till 31 December 2022), UntilEventDuration (eg until account closure). | Link |
Identifier
- Description
- Information used to uniquely identify an object.
- Usage
- The basic principle here is that this string is assigned by an organisation and that this is done according to a well-defined system.
- Properties
- We have defined the following properties for this datatype: attributedAt, attributedBy, attributedByAsString, identifier.
Property | Expects Type | Cardinality | Description | Usage | Codelist |
---|---|---|---|---|---|
attributedAt | DateTime | 0..1 | The date on which the identifier was issued. | | |
attributedBy | Agent | 0..1 | Link to the Agent that issued the identifier. | | |
attributedByAsString | String | 0..1 | Name of the Agent that issued the identifier. | | |
identifier | Literal | 0..1 | String used to uniquely identify the object. | The type of the string refers to the identification system (including its version), the string itself refers to the actual identifier. | |
Location
- Description
- A location can be an identifiable geographic place (ISO 19112), but it can also be a non-geographic place such as a directory, row, or column. As such, there are numerous ways in which location can be expressed, such as by a coordinate, address, landmark, and so forth.
- Properties
- There are no properties defined for this datatype.
JSON-LD context
(non-normative) A reusable JSON-LD context definition for this application profile is retrievable at: /doc/applicationprofile/consent/kandidaatstandaard/2022-11-01/context/OSLO-consent-ap_en.jsonld
SHACL template
(non-normative) A reusable SHACL template for this application profile is retrievable at: /doc/applicationprofile/consent/kandidaatstandaard/2022-11-01/shacl/OSLO-consent-ap_en-SHACL.ttl