The ISO/IEC TS 27560:2023 Privacy technologies — Consent record information structure provides guidance for the creation and maintainence of records regarding consent as machine-readable information. It also provides guidance on the use of this information to exchange such records between entities in the form of 'receipts'. This document defines the schemas for the implementation of machine-readable consent records and receipts as defined in ISO/IEC TS 27560:2023 by using the Data Privacy Vocabulary (DPV). This document compliments [[[GUIDE-27560]]].

This document is published by the Data Privacy Vocabularies and Controls Community Group (DPVCG) as a deliverable and report of its work in creating and maintaining the Data Privacy Vocabulary (DPV).

Contributing to the DPV and its extensions The DPVCG welcomes participation regarding the DPV, including expansion or refinement of its terms, addressing open issues, and welcomes suggestions on their resolution or mitigation. For further information, please see the contribution section.

Profiles

The following profiles are provided by DPVCG for the implementation of [[ISO-27560]] in different use-cases. They are defined under the namespace: https://w3id.org/dpv/schema/dpv-27560#, prefixed hereafter as dpv-27560:

  1. dpv-27560:record: Consent Records conforming with 27560
  2. dpv-27560:record-eu-gdpr Consent Records conforming with 27560 and containing information as required by EU GDPR
  3. dpv-27560:receipt-record Consent Receipts conforming with 27560 and providing a copy of the consent record
  4. dpv-27560:receipt-eu-gdpr Consent Receipts conforming with 27560 and providing information as required by EU GDPR