Gartner Market Guide for Consent and Preference Management 2020
Central to most privacy laws is the challenge of providing users clarity about and control over their personal data. This research allows security and risk management leaders to evaluate universal consent and preference management capabilities to make a balanced, forward-looking product choice.
Fair&Smart recognized as a Representative Vendor
The consent and preference management market comprises an ecosystem of vendors providing services that consolidate end-user choices regarding how their personal data should be handled. These preferences are then synchronized across a variety of legacy, active and incoming repositories, both on-premises and in the cloud. The ultimate intent is to extend visibility and control to users, allowing them self-determination over how much of their data to expose, to whom and for what purpose, with the option of changing their preferences at will.
Security and risk management leaders should ensure that the configuration of their CPM front end prioritizes privacy UX principles, with clear language to provide users the opportunity to make an informed and explicit choice.
Gartner, “Market Guide for Consent and Preference Management,” Nader Henein, Bart Willemsen, Bernard Woo, December, 8, 2020.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Established in 2016, Fair&Smart has focused on the two principal aspects of the privacy UX: subject rights management (Right Requests), and consent and preference management (Right Consents). Created in France, the solution is exclusively European-owned, run and hosted — a key differentiator for many concerned with data residency and data sovereignty following the invalidation of Privacy Shield.