Skip to main content

How It Works

Based on the configuration you provided, the Privacy Computation Engine infers a set of Processing Records that contain:

  • Identification of the data field in your database. Table/Object and field/property. E.g. USER, e_mail_address
  • A Privacy Scope e.g. (CONTACT.EMAIL x {COLLECTION, STORING, USING} x {SERVICES,COMPLIANCE})
  • One or more Legal Bases e.g. a legal base of type CONTRACT

It is possible to end-up having several records for one Data Category, e.g.

Data in databasePrivacy ScopeLegal bases
table:USER field:nameNAME.FIRST-NAME x {COLLECTION, STORING, USING} x {SERVICES,COMPLIANCE}CONTRACT
table:USER field:e_mail_addressCONTACT.EMAIL x {COLLECTION, STORING, USING} x {SERVICES,COMPLIANCE}CONTRACT
table:USER field:e_mail_addressCONTACT.EMAIL x USING x {MARKETING,ADVERTISING}LEGITIMATE-INTEREST
table:USER field:e_mail_addressCONTACT.EMAIL x SHARING x {ADVERTISING}CONSENT

The records given in the example correspond to the situation of a System that is processing the user's e-mail address for purposes of providing services to the user and for compliance with regulation (KYC) under CONTRACT legal base. The same System is sending marketing and advertising e-mail to the user under LEGITIMATE-INTEREST assuming that as long as the user does not object they might be interested in additional services. The System only shares the e-mail with partners under CONSENT legal base.