💼 P2.1 The entity communicates choices available regarding the collection, use, retention, disclosure, and disposal of personal information to the data subjects and the consequences, if any, of each choice.

Contextual name: 💼 P2.1 The entity communicates choices available regarding the collection, use, retention, disclosure, and disposal of personal information to the data subjects and the consequences, if any, of each choice.
ID: /frameworks/soc-2/p2/01
Located in: 💼 P2.0 Privacy Criteria Related to Choice and Consent

Description

Explicit consent for the collection, use, retention, disclosure, and disposal of personal information is obtained from data subjects or other authorized persons, if required. Such consent is obtained only for the intended purpose of the information to meet the entity's objectives related to privacy. The entity's basis for determining implicit consent for the collection, use, retention, disclosure, and disposal of personal information is documented.

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 P2.1-1 Communicates to Data Subjects
💼 P2.1-2 Communicates Consequences of Denying or Withdrawing Consent
💼 P2.1-3 Obtains Implicit or Explicit Consent
💼 P2.1-4 Documents and Obtains Consent for New Purposes and Uses
💼 P2.1-5 Obtains Explicit Consent for Sensitive Information
💼 P2.1-6 Obtains Consent for Data Transfers

Description​

Similar​

Sub Sections​

Description

Similar

Sub Sections