My wife received an email over the weekend from a local interest group she belongs to with a consent form they asked people to sign. A redacted copy of the form is attached.
It's not the most professional GDPR consent form I've seen and doesn't cover the fact that the chairperson forwards emails willy nilly which have a very tenuous if any connection to the groups activities (a recent classic was her forwarding everyone a newsletter she subscribes to which included at the bottom the links to alter or cancel her subscription to the newsletter!).
So why do I describe it as a total failure? The email was sent to 30+ members with the recipients as To and not BCC, so they'd instantly contravened their own policy by distributing everyone's names and email addresses to all members!