Consent Withdrawal Policy

A consent that was previously recorded in a workspace’s consent ledger was withdrawn. The receipt is a tamper-evident record that the withdrawal was registered, supporting a data subject’s right to withdraw consent as easily as it was given.

• A previously-recorded consent was withdrawn.
• The withdrawal was registered at the recorded time.

The receipt commits to the following as SHA-256 hashes. The hashes prove the values existed and have not changed, without disclosing the values themselves:

• Consent record identity
• Data-subject reference
• Withdrawal timestamp

Provided as context for what the receipt records. References to law are not a claim that any specific processing is compliant — that responsibility stays with the controller.

• GDPR Art. 7(3) — right to withdraw consent
• GDPR Art. 6(1)(a) — consent as a lawful basis

This page describes what the corresponding anchored receipt attests. The receipt is a tamper-evident record of a declaration or event made by the workspace that issued it. It is not legal advice, not a regulatory endorsement, and not proof that the underlying processing is lawful. The issuing controller remains solely responsible for its compliance.

This receipt policy is published so that the policy_uri carried by minted receipts resolves to a stable reference. The legal wording is pending review by Dekimu Labs S.L. and may be revised; substantive changes will ship under a new version path (the existing version stays resolvable for receipts that reference it).