GDPR Consent Checkbox
A GDPR consent checkbox is an unticked, granular form element that lets a visitor explicitly agree to a defined data-processing or marketing purpose before submitting a lead form.
In depth
Under the GDPR, consent must be freely given, specific, informed, and unambiguous, which means the checkbox cannot be pre-ticked and cannot bundle unrelated purposes together. Each distinct activity, such as receiving a newsletter versus sharing data with a partner, should have its own clearly worded checkbox so the visitor understands exactly what they are agreeing to. The submitted choice, along with a timestamp and the wording shown, should be stored as evidence of valid consent.
A frequent mistake is making submission conditional on marketing consent, which invalidates the 'freely given' requirement. In a quiz-funnel, you typically need the email to deliver results, but you must separate that operational use from optional marketing consent. Keeping the checkbox optional and the results gated only behind necessary processing lets you stay compliant while still building a marketing list from genuinely willing respondents.
Example in practice
Frequently asked questions
Can a GDPR consent checkbox be pre-ticked?
No. The GDPR requires a clear affirmative action, so pre-ticked boxes do not constitute valid consent. The visitor must actively tick the box themselves.
Do I need separate checkboxes for different purposes?
Yes, consent must be specific, so bundling unrelated purposes into one checkbox is not allowed. Use a distinct, clearly worded checkbox for each separate processing activity.
Can I require marketing consent to access quiz results?
No. Making access conditional on marketing consent breaks the 'freely given' requirement. Gate results only behind processing that is genuinely necessary to deliver them.