Data retention tool
To find out more about us and our products. Check out our blog
A tool for managing personal data retention, including automated and integrated data deletion across multiple systems simultaneously, while maintaining data consistency between systems.
- Ensures compliance with personal data protection regulations — reducing the risks of non-compliance and legal consequences of violating data processing rules
- Supports consistent data deletion management across multiple IT systems and data processing workflows with different legal bases and retention periods
- Eliminates risky and ineffective manual data deletion processes performed by staff, which often result in errors and data integrity incidents
- Supports effective and comprehensive execution of data subject rights (right to erasure) consistently across all systems
- Ensures logging of all operations, providing full accountability and auditability along with evidence
- Prevents improper or excessive data deletion
Who is it for?
Oblivio is a solution for:
Every company that:
- Has at least 1 system in which it stores and processes personal data.
- Is aware of the current challenges related to the processing of personal data, but doesn't yet have a ready solution in place.
- Uses many varied legal bases to process personal data.
IMPORTANT
Oblivio integrates with one of our other products Detecto, so you can easily search for personal data in various systems and databases.
How does it work?
Initial state
Oblivio - data retention and anonymization system
Two separate business systems containing customers’ personal data
(can be different in different systems):
System A - sales system
System B - marketing system
The processing contract expires
In System A the basis for processing personal data expires.
Based on the configured data retention rules, Oblivio detects that the legal basis for data processing in Systems A and B has disappeared.
Start of the anonymization process
After the retention period has elapsed, the anonymization process begins.
The system maintainer is asked to accept data retention (this step can be skipped and is fully configurable). If approval is given, Oblivio generates a fictitious person and implements anonymization in Systems A and B.
Exit state
Customer data has been anonymized in Systems A and B.
Implementation process
1
Identification of personal data in systems
At this stage, we identify the presence of personal data in the customer's systems.
We also specify on what legal basis personal data sets are processed.
IMPORTANT This process can be aided by our third product, Detecto, which automatically detects personal data in databases.
2
Data analysis
Based on the indicated data, the data locations and the method of anonymization are determined.
The relationships between systems are taken into account so that the anonymization maintains data consistency across all systems.
3
Determining data retention rules
The data retention rules for systems are set. The basis for data processing by the system, the retention period and the person responsible for personal data in a given system are also defined during this stage.
ATTENTION The rules are flexible and reflect real-life processes.
Want to implement tools for anonymization and/or retention of personal data?
Make an appointmentCase Studies
Company in the Telecommunications Industry
The company processes personal data and stores it across various IT systems — both in databases and in files that may be stored in cloud repositories, on personal computers, or in email systems. For many of these data sets, the retention period has already expired, meaning the legal basis for processing them is no longer valid. This led the organization to ask an important question:
How much customer data are we still storing, even though the permitted processing period has expired?
OBLIVIO generated a list of more than 300,000 individuals whose data should be removed from the company’s systems due to exceeded retention periods.
OBLIVIO enables real-time verification of which personal data is processed in compliance with legal retention policies across all systems, and supports effective, real-time retention policy management.