What is GDPR ? How to Manage Customer Data with Pega ?

First, let's understand few basic things about GDPR before getting into the Pega Details..

What is GDPR and what does it stand for ?
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU.

When GDPR came into force ?
The result is the mutually agreed European General Data Protection Regulation (GDPR), has came into force on May 25 2018. It will change how businesses and public sector organisations can handle the information of their customers customers.

What Personal data comes under GDPR ?
The types of data considered personal under the existing legislation include name, address, and photos, etc. GDPR extends the definition of personal data so that something like an IP address can be personal data. It also includes sensitive personal data such as genetic data, and biometric data, etc which could be processed to uniquely identify an individual .

What does GDPR mean for EndUsers or Citizens ?

  • Right to Know
  • Right to be Forgotten
  • With Right to Know, Consumers or Citizens have every right to ask about the data the Company(Institution) collected about them.
  • With Righ to be Forgotten, Consumers or Citizens have every right to ask the Company(Institution) to delete the data that they collected about them.

Now, coming to Pega... How the GPDR related to Pega & its Customers ?

As a part of "Pega Marketing, Pega Customer Decision Hub" Solution Implementations for :

  • Marketing Campaigns,
  • Next-Best Action Strategies,
  • Offers, etc

- we know that the Customer Personal Information is the Key & it flows through these components.

In most of the implementations, every time the End-User contacts (interacts) with the company, few details of that Customer Interaction like - Channel through which the Customer Contacting the Company (Mobile, Phone, Email, etc) , the Intent of the Interaction, whether the Particular Offer/Proposition accepted by that User or not, the Mobile number through which they are calling, the Geo-location/Place, etc are stored in Interaction History, " Decision, Strategy, Event "- Results, DataSets of Pega.

So, as per the GDPR, end-users have every right to ask for the data that you collected about them. And also, they have every right to ask you to Erase or Delete the data that you collected about them.

For Managing customer data for regulatory compliance with GDPR, Pega has provided some steps through which you can run an activity

  • that retrieves all data about the customer from Pega applications.
  • that removes all data about the customer from Pega applications.

The following Pega - PDN articles describe how you can comply with these regulations and retrieve or erase the data of your customers, if required.


Hari Kumar Alampuru


Keep up to date on this post and subscribe to comments

March 15, 2019 - 12:38pm

Hi Hari,

Thanks for sharing this info,

where we can find  the user guide of GDPR accelerator (https://community1.pega.com/exchange/components/pega-gdpr-accelerator)

Thanks in advance


April 9, 2019 - 7:18am
Response to ShivaRamBhupathi


As far as I know there is no user guide for this accelerator. Once you install the jars in your sandbox / dev system you can refer to the articles below for further details on the set up, and how and where you need to customize the Framework in order to use it in your context. The accelerator would help in jump starting your application with the  pre-configured classes, flows etc.