Proof of Submission
Under strict privacy regulations like GDPR, "Accountability" (Article 7(1)) is a core principle. You must be able to prove that a user consented to your terms.
However, this creates a paradox: You need to save data to prove consent, but saving too much data (like raw IP addresses) violates the principle of "Data Minimization."
Flux solves this by generating a specialized Proof of Submission record. This is a lightweight, structured JSON object attached to every notification (email or webhook). It acts as a digital receipt of the transaction.
The Evidence Record
Every time a form is submitted, Flux generates a JSON artifact like this:
{
  "record_id": "550e8400-e29b-41d4-a716-446655440000",
  "timestamp_utc": "2026-01-23T09:20:00Z",
  "user_identifier": {
    "email_hash": "a3f5b2...",
    "ip_address": "192.168.1.1"
  },
  "context": {
    "form_id": "landing_page_ebook_download",
    "url": "https://www.example.com/ebooks/gdpr-guide",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)..."
  },
  "consents": [
    {
      "type": "terms_and_privacy",
      "status": "accepted",
      "method": "button_click",
      "trigger_label": "Download Ebook",
      "legal_text_version": "v2.1",
      "disclaimer_text_visible": "By clicking Download, you agree to our Terms and Privacy Policy."
    },
    {
      "type": "marketing_newsletter",
      "status": "opt_in",
      "method": "checkbox_checked",
      "is_pre_ticked": false,
      "checkbox_label_seen": "Yes, I would like to receive weekly updates and offers via email."
    }
  ],
  "form_data_structure": {
    "fields_collected": ["first_name", "email", "marketing_consent_checkbox"],
    "hidden_fields": ["campaign_source_utm"]
  }
}
Anatomy of the Proof
This record contains non-intrusive technical artifacts that link a specific user to a specific action without necessarily hoarding sensitive data.
1. User Identifier (Anonymity)
- Email Hash: Flux provides a cryptographic hash of the email address. This allows you to verify consent later (by hashing the email you have on file and comparing it) without storing the raw email inside this specific log file.
- IP Address: Recorded to establish the location/network origin of the request. Note: Depending on your local laws, you may choose to truncate or hash this.
2. Context (Where & When)
- Timestamp (UTC): The exact second the action occurred. UTC is used to prevent timezone confusion during audits.
- Form ID & URL: Proof of exactly where the consent happened (e.g., specific landing page vs. generic footer). This protects you if a user claims they signed up on a page that didn't have a disclaimer.
- User Agent: Identifies the browser/device (e.g., "Chrome on macOS"). This adds credibility to the log (fingerprinting) without identifying the person directly.
3. Granular Consents (The "What")
Flux breaks down every single action the user took.
- Method: Distinguishes between Active Consent (checkbox_checked) and Implied Consent (button_click).
- Is Pre-Ticked: Explicitly records that the box was false (empty) by default, proving you did not use "Dark Patterns" to trick the user.
- Label Seen: Saves the exact text the user saw. If you change your marketing copy next week, you still have proof of what this specific user agreed to today.
4. Policy Versioning (Crucial)
You must record which version of your legal documents was active at the moment of submission.
- The Problem: If you update your Privacy Policy in 2026 to include "Data Sharing with 3rd Parties," you cannot apply that clause to a user who signed up in 2024.
- The Solution: Flux records the legal_text_version (e.g., v2.1). This allows you to prove the user agreed to "Version 2.1" and not the controversial "Version 3.0."
How to use this
Flux attaches this JSON object to your Notifications.
- SMTP: It is included as an attachment or a metadata footer in the email sent to your admin.
- Webhooks: It is included in the JSON payload sent to your CRM or backend.
Recommendation: Store this JSON string in your CRM (e.g., Salesforce, HubSpot, or a custom DB) alongside the user's contact record. If you ever face a GDPR audit or a user complaint, this string is your primary defense.
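The checks described on this page, sketched in Python as an added example (not Flux's own code; all function names are hypothetical): re-hash the email on file and compare it with email_hash, truncate the IP before storage, and confirm the marketing opt-in came from a box that was not pre-ticked. It assumes email_hash is a hex SHA-256 of the trimmed, lower-cased address and uses /24 and /48 truncation prefixes; the page specifies neither, and the sample record is constructed.

```python
import hashlib
import hmac
import ipaddress
import json

# Assumption: email_hash is hex SHA-256 of the trimmed, lower-cased address.
# A plain hash can be recomputed by anyone who guesses the address, so treat
# email_hash as pseudonymous data, not anonymous data.
def email_digest(email: str) -> str:
    return hashlib.sha256(email.strip().lower().encode("utf-8")).hexdigest()

def email_matches(record: dict, email_on_file: str) -> bool:
    """Hash the address on file and compare it to the stored email_hash."""
    stored = record["user_identifier"]["email_hash"]
    return hmac.compare_digest(stored.lower(), email_digest(email_on_file))

def truncate_ip(ip: str) -> str:
    """Zero the host part: /24 for IPv4, /48 for IPv6 (prefix choice is ours)."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 48
    net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
    return str(net.network_address)

def marketing_opt_in_is_active(record: dict) -> bool:
    """True only for an opt-in given by ticking a box that was not pre-ticked."""
    for c in record.get("consents", []):
        if c.get("type") == "marketing_newsletter":
            return (c.get("status") == "opt_in"
                    and c.get("method") == "checkbox_checked"
                    and c.get("is_pre_ticked") is False)
    return False

def minimise_for_storage(record: dict) -> str:
    """Return the JSON string to store in the CRM, with the IP truncated."""
    stored = json.loads(json.dumps(record))  # deep copy, input left untouched
    ident = stored["user_identifier"]
    ident["ip_address"] = truncate_ip(ident["ip_address"])
    return json.dumps(stored, sort_keys=True)

# Constructed sample record (values are not from a real submission).
SAMPLE = {
    "record_id": "550e8400-e29b-41d4-a716-446655440000",
    "user_identifier": {"email_hash": email_digest("jane@example.com"),
                        "ip_address": "192.168.1.77"},
    "consents": [{"type": "marketing_newsletter", "status": "opt_in",
                  "method": "checkbox_checked", "is_pre_ticked": False}],
}
```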