Send me the Mailjet newsletter. I expressly agree to receive the newsletter and know that I can easily unsubscribe at any time.

Other examples of detriment are deception, intimidation, coercion or significant negativeconsequences if a data subject does not consent. The controller should be able to prove that the datasubject had a free or genuine choice about whether to consent and that it was possible to withdrawconsent without detriment.

Controllers have an obligation to delete data that was processed on the basis of consent once thatconsent is withdrawn,assuming that there is no other purpose justifying the continued retention.56Besides this situation, covered in Article 17 (1)(b), an individual data subject may request erasure ofother data concerning him that is processed on another lawful basis, e.g.on the basis of Article6(1)(b).57Controllers are obliged to assess whether continued processing of the data in question isappropriate, even in the absence of an erasure request by the data subject.

Also,mechanisms for data subjects to withdraw their consent easily must be available and informationabout how to withdraw consent must be provided.

With a recognisable, ever present icon, user's can easily manage their consent at any time.

make it as easy to withdraw consent as to give it. The latter gets particularly interesting when considering that in some contexts, consent may be obtained “through only one mouse-click, swipe or keystroke” and therefore “data subjects must, in practice, be able to withdraw that consent equally as easily” per the WP29.

it is a question of balance — if one mouse-click was all it took to consent, is it appropriate to require a phone call during business hours to withdraw that consent? Probably not.