General Data Protection Regulation

Implement GDPR quickly, reliably, and comprehensibly

Use centralized rules to implement GDPR specifications immediately

GDPR requirements affect financial institutions and insurance companies in almost all areas. Three core issues are crucial for successful implementation:  


Analysis of IT applications and interfaces

Analysis of data handling in a variety of IT applications 

Evaluation of retention periods

Provision of a central software application for automated evaluation of legal retention periods

Delete, pseudonymize, and block

Execution and logging of deletion activities in various systems


Implement the GDPR with PPI AG and ACTICO

PPI AG and ACTICO support financial institutions in designing and implementing a central rule set. PPI acts as a consulting partner, assuming responsibility for both analysis and testing and project management. ACTICO provides data protection software for modeling the rule set that ensures compliance and monitoring of data protection requirements.

ACTICO and PPI AG are currently working on a centralized, rule-based General Data Protection Regulation solution for ING DiBa.



Central software component for deleting, pseudonymizing, and blocking

In the course of joint data protection projects, PPI and ACTICO have developed a solution approach that focuses all data protection decisions focus on rules.

This approach includes the following.:

  • Maintenance of the legal basis, including retention periods
  • Determination of retention periods and decision to delete/pseudonymize/block
  • Monitoring and logging in the interest of auditability

This central component is based on the ACTICO Rules decision management system. The advantage is that GDPR rules can be graphically modeled. This allows the business department to understand them as well as IT does.