Add purpose (GDPR)

[benjaoming]

Description

We are storing consent and where the consent originated for, and to what has been consented.

In order to align properly with GDPR, we should also store the purpose of the activity. Once the purpose is gone, the consent should also automatically withdraw, as we are not allowed to keep people's data without a purpose!

Purposes can be modeled independently from consent sources and consent.

[aehlke]

have you moved on from this valuable project? :)

[benjaoming]

Thanks for asking - No, I have not moved on, the project is still intended to be released for real usage!

From documentation: https://django-consent.readthedocs.io/en/latest/

October 2021: @benjaoming has joined GovStack’s working group on Consent Management.

As to the status of the current models: Everything is subject to change.

While the GovStack initiative deals with governmental use cases, I think that it will be very useful for a generic purpose, where websites of smaller organizations are the focus. I think it's a big advantage to be able to look away from scaling to millions of users and also that the consent data can live as Django models in smaller web applications.. we'll probably have something useful much faster with this simpler focus.

[benjaoming]

If you're interested @aehlke, the view of the GovStack working group is described here, which is something that I'm really optimistic about can push for much better solutions for digital consent: https://www.linkedin.com/pulse/digital-consent-foundation-human-centric-society-lal-chandran/