> ## Documentation Index
> Fetch the complete documentation index at: https://docs.clickterm.com/llms.txt
> Use this file to discover all available pages before exploring further.

# GDPR & consent best practices

> How to use ClickTerm to meet GDPR consent requirements and document compliance.

ClickTerm helps you collect and document user consent in a way that supports GDPR compliance. This page outlines best practices for using ClickTerm within a GDPR framework.

<Warning>
  This page provides general guidance, not legal advice. Consult your legal team
  to ensure your specific implementation meets regulatory requirements.
</Warning>

## Key GDPR consent requirements

Under GDPR, valid consent must be:

* **Freely given** — Users must have a genuine choice
* **Specific** — Consent must be for a defined purpose
* **Informed** — Users must understand what they're agreeing to
* **Unambiguous** — Requires a clear affirmative action (e.g., clicking "I Agree")

## How ClickTerm supports compliance

### Clear affirmative action

ClickTerm's clickwrap dialog requires an explicit click to accept — no pre-checked boxes or implied consent. Users must actively choose to accept or decline.

### Full audit trail

Every interaction is recorded as a **Clickwrap Event** with:

* Exact timestamp of the action
* The specific template version presented
* The user's IP address and device information
* The complete text of the agreement (with placeholders resolved)

### Immutable records

Published template versions are immutable. Once a version is published, its content cannot be modified. This ensures the agreement text shown to the user matches exactly what's in the audit record.

### Certificate of Acceptance

For every accepted event, ClickTerm generates a **Certificate of Acceptance** — a digitally signed PDF containing all relevant metadata. This serves as admissible evidence of consent.

## Best practices

### Use separate templates for each purpose

Create distinct templates for each type of consent (Terms of Service, Privacy Policy, Marketing Consent). This allows users to consent to each purpose independently.

### Version carefully

Use **major versions** when terms change substantively — this triggers re-acceptance for all users. Use **minor versions** only for non-material changes like typos or formatting.

### Record who accepted what

Always pass an `endUserId` that maps to your internal user record. This creates a clear link between the consent event and the individual.

### Use placeholders for personalization

Include the user's name and other identifying information via [placeholders](/product/templates/placeholders). This strengthens the evidentiary value of the agreement.

### Provide access to accepted content

Use `ClicktermDialog.showAcceptedContent()` or the API to let users review what they agreed to at any time, supporting the GDPR right of access.

### Download and archive certificates

Regularly download Clickwrap Agreements via the [API](/dev/guides/downloading-certificates) and store them in your own compliance archive.
