Skip to main content
ClickTerm helps you collect and document user consent in a way that supports GDPR compliance. This page outlines best practices for using ClickTerm within a GDPR framework.
This page provides general guidance, not legal advice. Consult your legal team to ensure your specific implementation meets regulatory requirements.
Under GDPR, valid consent must be:
  • Freely given — Users must have a genuine choice
  • Specific — Consent must be for a defined purpose
  • Informed — Users must understand what they’re agreeing to
  • Unambiguous — Requires a clear affirmative action (e.g., clicking “I Agree”)

How ClickTerm supports compliance

Clear affirmative action

ClickTerm’s clickwrap dialog requires an explicit click to accept — no pre-checked boxes or implied consent. Users must actively choose to accept or decline.

Full audit trail

Every interaction is recorded as a Clickwrap Event with:
  • Exact timestamp of the action
  • The specific template version presented
  • The user’s IP address and device information
  • The complete text of the agreement (with placeholders resolved)

Immutable records

Published template versions are immutable. Once a version is published, its content cannot be modified. This ensures the agreement text shown to the user matches exactly what’s in the audit record.

Certificate of Acceptance

For every accepted event, ClickTerm generates a Certificate of Acceptance — a digitally signed PDF containing all relevant metadata. This serves as admissible evidence of consent.

Best practices

Use separate templates for each purpose

Create distinct templates for each type of consent (Terms of Service, Privacy Policy, Marketing Consent). This allows users to consent to each purpose independently.

Version carefully

Use major versions when terms change substantively — this triggers re-acceptance for all users. Use minor versions only for non-material changes like typos or formatting.

Record who accepted what

Always pass an endUserId that maps to your internal user record. This creates a clear link between the consent event and the individual.

Use placeholders for personalization

Include the user’s name and other identifying information via placeholders. This strengthens the evidentiary value of the agreement.

Provide access to accepted content

Use ClicktermDialog.showAcceptedContent() or the API to let users review what they agreed to at any time, supporting the GDPR right of access.

Download and archive certificates

Regularly download Clickwrap Agreements via the API and store them in your own compliance archive.