Specific: Consent must be given for specific purposes

[nusaibatara]

Freely Given: Individuals must have a genuine choice, without coercion or pressure. Don't make consent a condition of accessing a service unless strictly necessary for that service.
You can't bundle all permissions into one generic checkbox. For example, a user should be able to consent to a newsletter without consenting to third-party data sharing.
Informed: Individuals must understand what they brazil phone number list are consenting to. Provide clear, concise information about how their data will be used, who will access it, and their rights. Link to your privacy policy.
Unambiguous: Requires a clear affirmative action (e.g., ticking an unchecked box). Pre-ticked boxes are non-compliant.
Easy Withdrawal: Individuals must be able to withdraw consent as easily as they gave it (e.g., an unsubscribe link in every email).
Example for B2C in Bangladesh: If a customer visits an e-commerce site from Dhaka and wants to sign up for fashion updates, they should tick a box explicitly stating, "Yes, I would like to receive email updates on new arrivals and promotions," with a clear link to the privacy policy.

2. Legitimate Interest (Common for B2B Lead Generation)
For B2B lead generation, especially cold outreach to professional email addresses, legitimate interest can often be a lawful basis. This is where your business has a genuine and legitimate reason to process personal data, and this interest is balanced against the individual's rights and freedoms. A Legitimate Interest Assessment (LIA) is crucial here, involving a three-part test:

Purpose Test: Is there a legitimate interest for your processing? (e.g., promoting relevant business services to potential clients).