Data Protection and GDPR with Pimcore

Pimcore provides several tools and settings to provide GDPR compliance for implementation providers and users.

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The EU’s new General Data Protection Regulation (GDPR) takes effect on May 25, 2018. Why does this eventually affect Pimcore and Pimcore based solutions? Content and customer experience management solutions, such as Pimcore, play an essential role in delivering contextually relevant and personalized digital experiences. Such solutions need to track, store and process visitors' personal and behavioral data and therefore may be affected by this new regulation.

As Pimcore is a framework for delivering personalized experiences and not an out-of-the-box solution, the client, company, agency or software integrator implementing Pimcore must be aware of the GDPR and its consequences. As such, Pimcore does not give any consultation or legal advice, but provides comfortable tools to help to achieve GDPR compliance.

Which data is affected?

The GDPR defines personal data as any information relating to an identified or identifiable person. In short, any data that can help directly or indirectly identify a person. Names, identification numbers, email addresses, location data, IP/MAC addresses or other network identifiers are all examples of personal data that can directly identify a person. Online orders, behavioral data and so on, can indirectly identify a person.

Pimcore provides various tools to stay GDPR compliant. You can find them below.

1. Restriction of access to data

Restriction of data access is achieved with Pimcore’ s extensive permission system. It allows restricting the access, changing and deleting information based on user and role levels. For details have a look at our documentation about users and roles.

Another handy tool - the Permission Analyser - allows analyzing the actual permissions of a Pimcore user for a certain data element.

2. Right of access to data

For searching and exporting data related to a person, Pimcore provides the new GDPR Data Extractor tool, which is available with our latest build (December 5, 2017). Features included:

  • Search for data related to a person, based on first name, last name, and e-mail
  • Show a list of all data including additional details
  • Export all data as JSON
  • Delete personal data directly from the result list

For more information concerning configuration see your GDPR Data Extractor Development Docs.

3. Right to rectification & right to erasure

Pimcore supports the paradigm of single-source-publishing and delivering data to various output channels. All information and data are just stored in one single place and is reused in needed channels. Because of this paradigm, rectification of data is made very easy since it only needs to be done in one place. Once updated and published, the information is delegated to all places where it is used and Pimcore takes care of the rest.

Also in terms of erasure of information, Pimcore’ s single-source-publishing plays a vital role. Once a data element (e.g. data object) is deleted, Pimcore automatically cleans up all related data (e.g. versions, etc.) and updates the data in all places where it was used.


Know more:

Christian Kemptner
  • Marketing & Partner Management
147 articles by this author

Lees meer Pimcore nieuws

With the new Pimcore Enterprise Marketplace, subscribers to the Pimcore Enterprise Subscription now have access to additional Enterprise Extensions provided by our partners. In...
februari 08, 2021
Pimcore X, the tenth release of the leading open-source Pimcore Platform will be released officially with the first release candidate on March 31, 2021. Ten years of Pimcore, ten...
februari 03, 2021
Going headless is not only a trend in the content management and experience management market, but also in the field of product information management and master data management....
februari 03, 2021
Pimcore is known as one of the leading Data and Experience Management Platforms. So far, it was very successful with its Open-Source Community Edition. Nevertheless, Pimcore is...
februari 08, 2021

Meer dan 80.000 bedrijven gebruiken Pimcore.