For end users and organisations
A key component of the DigiPac concept is the match-making between end users and organisations. This match-making forms the basis for connecting consents and preferences of end users, with the personal information stored by organisations.

For this match-making to take place, both sides contribute with personal identifiers. This can be national ID numbers, e-mail addresses, mobile numbers, customer ID:s, account numbers, employment ID:s, IP addresses, or campaign codes, which both sides make available at DigiPac. Personal identifiers of end users are easily entered with the DigiPac application, while personal identifiers used by organisations are either uploaded en masse to DigiPac or accessed case-by-case via an API provided by the organisations to DigiPac.

Once connections are made, the exchange of organisations’ consent structures and individuals’ consent preferences can take place. End users are presented with consent topics and response options of each matched organisation, and can with the DigiPac app enter their preferences by selecting from options provided.

Organisations can then extract responses via the DigiPac API into their own operational systems and act accordingly. For instance, to stop using customer data for marketing purposes, or actually start doing that but with better and agreed precision of content.

DigiPac provides a multi-language solution in all aspects. The application user interface comes in all languages of the European countries, giving the user a seamless experience at their local expression, which also supports free movement between the European countries.

For organisations and regulators
DigiPac offers an electronic register for personal identifiable information that organisations are required to retain for full compliance to GDPR Article 30, Records of Processing Activities [ROCA]. Where as per paragraph 1c, a description of the categories of data subjects and of the categories of personal data is required. Moreover, the records referred to in paragraphs 1c shall be in writing, in electronic form.

To fully capitalise these data assets and the electronic representation of them as per paragraph 1c, organisations can add consent management to selected data categories and engage with their users by presenting them with consent topics and response options as described earlier.

As a way to make legislators more effective in their governance, DigiPac provides GDPR regulators with an API to easily access the required ROCA registers of organisations. Allowing them to perform compliance audits and benchmarking uniformly at scale. This in order to ensure full impact of the GDPR objectives.