How did SEDAŞ
secure personal data with
the SAP® PDP (Personal Data Protector)
About SEDAŞ (Sakarya Elektrik Dağıtım A.Ş.)
Sakarya Elektrik Dagitim A.S. renders service in the cities of Sakarya and Bolu. Following a
decision passed by the High Board of Planning in 1993, SEDAS became one of the 7 General
Directorates functioning as subsidiaries with headquarters in Sakarya
SEDAŞ has been handling only electricity distribution activities since 2013 due to activity
unbundling. Additionally, the activities of electricity sale, consumption invoice, and payment
points are included in the duty and responsibility scope of assigned suppliers and retail
The area of activity of SEDAŞ is to build new distribution facilities and provide capacity
increase, build additional facilities within the current network, carry out works for network
operation and maintenance, evaluate connection implementations, render service by concluding
connection contract with electricity consumers, read index from consumption meters, carry on
lighting works, perform meter change and calibration operations in electricity distribution,
manage technical and non-technical losses and carry out the necessary actions to decrease
electricity failures, energy outage duration and provide the continuity of electricity supply
within the scope of the investment program for electricity distribution services.
Project implementation method: Remote (with digital connection and communication tools)
Project completion period:
Number of companies in the scope of the project:
Number of customers whose personal data is kept: Approximately 2 million
Full compliance with GDPR and real risk management
Real-time reporting of users accessing personal data
Orchestration of systems and environments other than
SAP® within the scope of GDPR
How did we succeed
together with SEDAŞ?
SEDAŞ started the SAP® PDP Project in the beginning of 2021. First of all, personal data inventories prepared by SEDAŞ were transferred directly to SAP®. With the PDP solution, authorized users can view personal data according to their authority roles, while unauthorized users see all personal data as masked.
With the PDP solution, users will be able to follow clarification texts, explicit consents,
anonymization, and destruction processes through SAP®.
With this project, it has been ensured that the GDPR measures are taken and managed
centrally, not in parts, but in a way that considers both personal data security and all
The project was successfully put into live use on March 8, 2021. Afterwards, live support
was given for 2 weeks.
With the SAP® PDP project, processes in both SEDAŞ’s ERP and CRM systems are followed in
accordance with GDPR.
With our SAP® PDP project, the following gains have been achieved for SEDAŞ:
Total Cost of Ownership advantage in the medium and long term
with a single system instead of investing in many systems
End-to-end meeting the need for field-based authorization in
Full compliance with GDPR and real risk management with
ready-to-use data, processes, and experiences brought by PDP
Data masking with SAP® UI Masking Solution
Reporting in accordance with GDPR processes
Recording access to personal data (log)
Creating SAP® compatible user roles for personal data
For more information,
you can review our PDP page.