What are we trying to solve for?
Per the GDPR, organizations must provide a clear and concise Consent Checkbox that allows the user to agree to before submitting their data for processing. Because of this, we must include a consent checkbox on all custom forms when the Consent Checkbox is enabled.
What is the solution?
As a non-member, when I am visiting a website page that has a custom form on it, I want to view and agree to the privacy policy terms before I can input any values in the form fields before submitting.
This is the story where we will create a user control to capture the consent when it is enabled.
When the Consent Checkbox is enabled, if a nonmember is on a page that has a custom form, and that non-member has not previously consented, we will display the consent checkbox at the top of the custom form.
The non-member user must agree to the Privacy Policy/Consent Checkbox before they can input any values into the custom form and submit it.
Once the user has consented and submitted the form, we will store that consent in a session cookie so that user does not have to consent again if they visit another page where consent may be required. This cookie will only be stored for that browser session.
We will capture the Date/Time stamp, IP address and the page URL in which the user submitted their consent. This can be captured at the time of Form Submission.
What does the solution look like?
When a non-member is on a custom page with a custom form on it and that user has not previously consented, we will display the Consent Checkbox above the custom form.
What is the Acceptance Criteria?