GDPR process descriptions for consumer rights

GDPR process descriptions for consumer rights


Upon the introduction of new GDPR legislation on 25 May 2018, consumers will enjoy new rights with respect to the use of their personal data. In response to requests made by consumers to exercise these rights, the relevant processes have to be set up and documented.


I started by making an inventory of consumers’ rights and possible requests they might have. A great deal of information can be found about this online, but the privacy statement and privacy policy of consumers play key roles. Based on my inventory, and in collaboration with the client, I identified the processes and systems that are currently involved. Wherever necessary, system adjustments were defined and discussed with software providers, business partners and internal scrum teams. For the complete coordination of all the requests, we decided to set up a dedicated coordination desk, the arrangement of which was particularly important because it had to correctly process all these requests. The processes that were currently in place were not efficient enough to carry out the requests. For this reason I defined a new process for every type of request, seen from the perspective of the new coordination desk. Wherever possible, existing processes were included as sub-processes.

Given that the employees and the management had many questions about the new legislation, it was important to ensure they didn’t stall in their efforts to comply with it. Wherever this seemed likely to happen, I ensured that at least a basic framework was in place, thanks to the use of examples and proposals. Details could then be filled in more easily at a later stage.


As was previously agreed, by the end of the assignment we delivered all new process descriptions, which were then documented in the client’s business processes modelling tool. Thanks to these documented process descriptions, the client is now in a position to deal with incoming requests about privacy. The coordination desk has been set up and is ready to process incoming requests as soon as they start arriving. The client, meanwhile, can comply fully with this part of the GDPR.



We’d like to hear from you.
Call us on 020 – 226 01 10 or send an e-mail to




Set up and implementation of a Customer Due Diligence policy

“Making a good start was half the battle”

The challenge facing KAS BANK was to implement a Customer Due Diligence policy and rationalise customer files in a limited timeframe.

In collaboration with ITDS, project manager Marc Brouwer took on the challenge.

A social strategy and implementation for OHRA

“As soon as we were satisfied, they’d raise the bar”

In the space of just a few years the role of Social Media at OHRA has grown from “a nice little extra” to a fully fledged business channel.

Iris Wezenberg – previously Social Media Manager and now Online Service Manager with this Dutch insurer – explains how it all came about.

An international IT strategy and organisational change

“You have to get people onside because not everyone likes change”

In just over 40 years Brunel has evolved from a Delft-based brokerage company into an international service provider employing more than 11,000 people in 37 countries. In many of these countries Brunel used local IT systems, each with its own definitions. To make it all future-proof, all these systems had to be replaced by a single system based on the same standard.

Stefan de Boer, Manager Global IT, tells about the collaboration with ITDS.


 Show all cases


 Show all services


Get the right people on board.

Nowadays, your organisation must be more competitive than it’s ever been. And from all the options that are available to you, it’s an art to be able to choose exactly what is relevant in making you more competitive. The deployment of your organisation and its people is the key to success and they cannot be seen as separate entities. Organisations can only change if their employees and resources are open and receptive to change. Or better still: prepared to take the initiative in making it happen. In this way, change can be carried by the entire organisation. You’ll stay one step ahead of new developments – and the competition.

read more