Skip to main content
LinkedIn
Copied!

Table of Contents

GDPR request management application

Version:

Only available versions of this content are shown in the dropdown

You can configure a GDPR request management application to verify customer identity and initiate requests on behalf of a customer. You configure your GDPR request management application according to your business needs and the type of interface that you want to offer.

If you do not have a Pega Infinity™ CRM application, Pega Exchange provides a prototype application called the GDPR Accelerator that you can download and customize. For more information, see Pega GDPR Accelerator.

The GDPR Accelerator

You can also create your own GDPR request management application by using the GDPR Accelerator.

For more information about see the General Data Protection Regulation Demonstration video.

The case types are children of Demo-GDPR-Work. The GDPR request management application supports the scenario in which a customer calls a call center, and the call center operator uses the application to verify the customer’s identity and to initiate the request on behalf of the client. You can further automate the process with additional customization.

The following figure shows case processing by a GDPR request management application that supports multiple applications.

For example, you can configure your banking application to include a web Mashup so that the logged-in customer can make a GDPR request directly, without using a call center. In this scenario, the Mashup submits the GDPR request.

CBAC cases

CBAC case processing proceeds as follows:

  1. Within the GDPR request management application, a case is created for each client request, and a subcase is created for each repository. For example, for an Access request where three repositories are defined, there are three subcases.
  2. If the subcase is for a repository that represents an application, a REST request is created. (The REST APIs are defined in the DataPrivacy category of the API.) A case is created in the application to handle processing the request. The request results are temporarily stored on the case. The results are sent back to the GDPR request management application subcase, and the personal data is removed from the case in the Pega application. The results are returned to the GDPR request management application by using a REST API over HTTPS.
  3. The results of the subcases are combined in the parent case. When the results have been retrieved by the client, the GDPR request management application removes the personal data from the case, while retaining the other case properties for auditing purposes.
Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us