There are two paths how Trivore Identity Service (TIS) obeys the EU GDPR. First option below is the basic option, and always included in TIS. Second option requires more planning, as it is normally an organisation wide solution.

1. It is possible for user accounts to view own data on a self-service web user interface in human readable way (article 15), and it is possible on a self-service web user interface to download all personal data as a machine-readable JSON file (article 20).

2. It is possible to use TIS as a general company wide MyData Solution to deliver Personal Identifiable Information from many back-end systems to those user accounts registered in TIS. This MyData Solution is an example of an application integrated to TIS. It is very flexible, and can fetch data from any number of organisation back-end systems, be it legacy, or more modern. It can also present the data on TIS, make it downloadable and available over REST end-points to a custom made external website or application.

The first one is always part of TIS. The second one requires integration to back-end systems, and is available on request.

The following image shows the common GDPR processes. For completeness sake, this image includes back-end systems and auxiliary MyData related files, which do not exist in pure TIS-only solution.

The following image shows the full architecture of option 2 with data flows. It includes Trivore Integration Platform, which integrates to TIS, but which is not part of all TIS deployments. It is rather comprehensive.