Secure your sensitive personal data with PDP (Personal Data Protector) offered exclusively by SAP® in order to ensure your compliance with GDPR / KVKK and to manage related processes throughout your organization.
With its experience in 20+ successful projects, Nagarro + MBIS is always at your service for SAP® PDP implementations.
Manage the personal data in SAP® or non-SAP® systems or physical environments, take the necessary technical and administrative measures and run all related processes in a holistic way within weeks with Nagarro + MBIS and secure your organization.More information
SAP® PDP (Personal Data Protector) is a specially designed and developed SAP® solution which greatly helps organizations to take measures required by GDPR through managing personal data protection and orchestrating related processes for SAP® , non-SAP® systems and physical environments, centrally and with a holistic approach.
GDPR / KVKK is very detailed and precise in certain areas. With Nagarro + MBIS, use SAP® PDP and take control and manage personal data risks in the rapidly developing digital world with a holistic perspective.
PDP allows organizations to create clarification texts either by modifying existing regulation compliant templates or by designing from-scratch. PDP performs versioning and sends clarification texts via e-Mail to data subjects. PDP provides status tracking, managing and reporting tools for clarification texts.
SAP® PDP automatically collects explicit consents via e-mail for the related processing purposes, allows manual explicit consent record entries, and tracks and reports them. PDP also allows explicit consents collected through non-SAP® systems to be consolidated using various methods, including Web Service integration.
PDP ensures that the anonymization and periodic destruction tasks are configured in the system, the approval process is defined, the masking function is activated for the approved data. The completed tasks are automatically closed, being tracked and reported according to their status. Additionally, PDP creates data anonymization or destruction or tasks for non-SAP® systems and physical environments.
SAP® PDP searches and detects personal data fields in SAP® databases at ‘data element’ level by using its ‘pre-defined data discovery catalogue’. PDP is also capable of finding personal data fields used in customized SAP® transactions if standard data element types are used. Following SAP® data discovery, raw personal data inventory is created by adding non-SAP® fields and data kept in physical environments.
PDP helps organizations by providing reports for keeping the data volumes as small as possible and for having more managable set of data. It supports disabling or completely deleting duplicated personal data and using a single source of data to ease mitigation of data related risks. PDP also helps restricting user athorizations to make sure only necessary users will see or edit personal data with optimum level of authorization.
PDP enables creating and managing one-off or repetitive (periodic) tasks for SAP® , non-SAP® systems or physical environments. PDP distributes these tasks through Web Services and sends e-mail notifications and reminders to accountable staff, tracks task status’ and provides detailed reports.
In the case of personal data breach, PDP allows the violation to be recorded, the necessary research studies to be carried out in the affected systems, to collect fact-finding results, to create and send the reports to official institutions by versioning and to provide the necessary information to the individuals affected by the breach.
PDP provides extensive reporting functions regarding the monitoring of the status of GDPR / KVKK processes, the integrity of the personal data inventory, the information that needs to be provided in line with the information requests, and enables the obligatory reports requested by the regulations.
With its abilities of task management, reporting functions, process status tracking capabilities, and most importantly, the ready master data, process definitions and advanced integration layer it has, PDP enables enterprises to manage not only the processes related to personal data in SAP® , but also non-SAP® systems and environments from a single point.
PDP allows that information requests from data subjects (individuals) or governement agencies are recorded in the system, related tasks are automatcally created, assigned and approved, reminders for incomplete information tasks are sent, summary and detail personal data information reports are created and shared with requestors.
PDP enables creating the Personal Data Processing Inventory by assigning raw personal data to the data groups and managing it as a versionable live document. It controls the consistency of data types and data processing purposes and the integrity of data category assignments. It automatically sends notifications in the case new personal data fields are added to SAP® systems.
PDP logs the access to the personal data defined in the SAP® systems in detail and makes detailed reports based on the person whose personal data is accessed if required. Personal Data access logs kept in non-SAP® systems can also be consolidated and included in reporting in PDP by various methods (FTP, Web Services or real-time access)
SAP® PDP offers many advantages that will enable an institution to fulfill its GDPR / KVKK obligations, both in functional and technical terms.
PDP offers highly customizable technical architecture that can be used according to the special needs of our customers.
SAP® PDP enables ‘purpose and data type based’ user authorization.
PDP warns you in the case new personal data fields are added to your SAP® systems, allowing you to take necessary actions.
PDP allows you to display personal data automatically masked with the SAP® UI Masking according to the specified rules.
It is also possible to use PDP more efficiently with Fiori screens apart from standard SAP® GUI screens.
PDP supports English and Turkish by default , any other languages can be added easily.
PDP does versioning for clarification and explicit consent texts, personal data processing inventory and other necessary set of data/information.
In addition to ECC or S/4HANA, PDP can be deployed for all SAP® all systems that support ABAP, such as HR, CRM, SRM.
PDP ensures that the personal data is transferred from SAP® to BW securely by deleting or masking them depending on the rules defined.
PDP comes with a very comprehensive and effective integration layer with a rich set of Web Services that enables connections with non-SAP® systems.
Special roles defined for personal data with SAP® PDP work integrated and compatible with SAP® GRC Access Control module.
PDP can be used in compliance with Data Loss Prevention systems; e.g. personal data ‘tagging’ for exported MS Excel files.
It offers a real-time notification system that reports users accessing personal data.
Investing on a world-class solution which is continuously developing and adapting itself to future requirements as well regulation changes
Reduced Total Cost of Ownership (TCO) through investing on a single system rather than dealing with many systems
Taking and managing GDPR related measures from a central control platform instead of using fragmanted solutions
Complete and true GDPR compliance with the use of PDP’s best practise read-to-use data and process designs matured throughout the previous implementations
Successful projects, strong references and solid success stories
Effective orchestration of non-SAP® systems and physical locations with PDP’s holistic approach to GDPR requirements.
SAP® ’s global support and commitment to PDP