Achieve end-to-end consent management through Dira's Consent Management module
Automatically obtain and track consent across every channel: cookie consent on your website, parental and guardian consent for minors, patient-data consent in healthcare, and customer consent at sign-up or in person. Every decision is captured as an immutable consent receipt and tracked through to withdrawal - fully aligned with Kenya DPA 2019 s.32 and s.33.
Why this matters
Built for your compliance outcomes
Collect consent everywhere
Every channel, one consent record
- Cookie banner SDK for your website
- Hosted consent forms and QR links
- API capture from your own apps
- Assisted capture for in-person consent
Audit-proof records
Immutable, timestamped consent receipts
- Cryptographic consent receipts
- Withdrawal tracked with timestamp
- Version history for consent changes
- ODPC-ready audit export
Self-service preference centre
Fewer DSRs, stronger trust
- White-labelled preference portal
- Category-level controls for subjects
- One-click withdrawal pathway
- Embeds on your domain
Consent for every context
Minors, patients, and customers covered
- Parental and guardian consent (s.33)
- Patient-data consent for healthcare
- Re-consent campaigns when purposes change
- Source and assurance level on every record
Features
Everything you need, nothing you don't
Cookie Banner SDK
Configurable, lightweight JavaScript SDK for any frontend stack. Loads asynchronously. Respects pre-existing consent signals.
Hosted Consent Forms
Branded consent request pages, QR and event links, and assisted capture for collecting consent beyond the browser.
Parental & Guardian Consent
S.33 workflows for minors: guardian relationship capture, assurance levels, and granular choices for school and family contexts.
Consent Receipts
Cryptographically-signed, immutable consent records capturing timestamp, version, IP hash, and categories granted.
Withdrawal Handling
Real-time withdrawal flow via the self-service preference centre, with propagation to connected systems.
API & Webhooks
Programmatic access to consent data. Real-time webhooks for consent events. CRM and CDP integrations.
DPA alignment
Every feature maps to a DPA section
Dira is built from the Act, not retrofitted to it. Here's exactly how each capability addresses your Kenya DPA 2019 obligations.
| Product Feature | DPA 2019 Section | What it fulfils |
|---|---|---|
| Granular consent categories | s.32(1)(a) | Fulfils the "specific" requirement - separate consent per purpose, not blanket acceptance |
| Freely-given mechanism | s.32(1)(b) | No bundled consents, no pre-ticked boxes, no penalty for withholding |
| Informed consent copy | s.32(1)(c) | Clear, plain-language descriptions of what each processing purpose involves |
| Withdrawal pathway | s.32(4) | Withdraw consent as easily as it was given, without detriment to the data subject |
| Consent receipts | s.25(1)(e) | Documented record of the lawful basis (consent) for each processing activity |
| Age verification controls | s.33 | Parental or guardian consent mechanism for processing personal data of minors |
How it works
Step-by-step workflow
Connect your channels
Drop the Dira consent script onto your site via tag manager, npm, or script tag - or launch hosted consent forms and QR links for capture beyond the browser.
Configure categories
Map your cookies and processing activities to DPA-aligned categories. Dira pre-populates suggestions.
Customise and publish
Set brand colours, copy language, and banner position. Preview in real time. Go live with one click.
Monitor and optimise
Review consent rates and withdrawal trends in your dashboard. A/B test to improve opt-in rates over time.
FAQ
Common questions
Do I need consent for all cookies under Kenya DPA 2019?
What makes consent valid under the DPA?
How do I handle consent for users under 18?
Can I use legitimate interest instead of consent?
Start using Consent Management today
30-day free trial. No credit card required. Full access to all Data Privacy products from day one.