Reference Case – Pax Insurance Automates GDPR-Compliant Data Deletion

Discover how Pax Insurance, a Swiss life insurance company, implemented Espresso Data Privacy Orchestration to automate personal data deletion across its IT landscape. The project achieved full GDPR/DSG compliance, eliminated manual workflows, and ensured reliable system-wide data management.

Introduction

Pax, one of Switzerland’s leading insurance providers, has taken a significant step toward modern data privacy processes with our support. Through the implementation of the Espresso Data Privacy Orchestration solution, we successfully addressed the complex requirements of GDPR/DSG compliance while streamlining internal operations. The solution was seamlessly integrated into Pax’s existing IT landscape, enabling automated data deletion across various systems. This project marks a milestone in Pax’s digital transformation journey, showcasing their commitment to data security, operational efficiency, and regulatory compliance.


About the Client

Founded in 1876, Pax is a long-standing Swiss company based in Basel. Pax Insurance is organised under the cooperative umbrella of Pax Holding and offers straightforward, needs-based solutions for private and occupational pensions. Pax customers are also members of the cooperative. They benefit from sustainable management and share in the company's financial success. Credible, forward-looking and direct – this describes the relationships Pax forges with its customers, business partners and employees.

With a strong commitment to data protection and regulatory compliance, Pax Insurance partnered with us to implement the Espresso Data Privacy Orchestration solution, aiming to enhance their data management processes and ensure adherence to GDPR/DSG standards.


Challenges

Pax faced significant challenges in automating their data deletion processes while ensuring compliance with GDPR and DSG regulations. Despite having similar data objects and products as large insurance companies, they struggled with complex dependencies between applications. The company's internal infrastructure was undergoing significant transformation, with a new focus on leveraging technologies like Azure Service Bus and API Management. These solutions were still in their early stages, which further complicated the orchestration of automated data deletion workflows across the various systems.


Our Solution

We deployed our centralized data deletion orchestration solution, enabling seamless integration across Pax’s systems, automating data workflows, and ensuring compliance with regulatory requirements. The project involved several key phases:

  • Analysis of Pax’s Complex IT Landscape: We conducted a thorough assessment of the existing infrastructure and systems, identifying critical dependencies and ensuring that all applications were covered by the deletion process.
  • Design of IT Architecture Concepts: Our team designed a flexible and scalable architecture that could handle the complexities of Pax’s diverse system environment. This included creating robust workflows to automate data deletion while minimizing the risk of errors or data inconsistencies.
  • Integration of SAP and Non-SAP Systems: One of the major challenges was bridging the gap between Pax’s SAP and non-SAP environments. We ensured that data deletion was orchestrated consistently across both worlds, enabling seamless integration and data synchronization.
  • Connection of SAP Proxy: To further streamline the deletion workflows, we established a secure connection to the SAP Proxy, ensuring that all SAP-based data could be efficiently handled within the orchestration framework.
  • Integration of Azure Service Bus: Leveraging Azure Service Bus, we facilitated smooth communication between Pax’s internal systems, ensuring reliable data transmission and orchestration of deletion tasks across different applications.
  • Definition of Deletion Chains Across Complex Systems: We developed and implemented a deletion chain strategy based on a comprehensive deletion concept. This strategy ensures that data deletion is performed consistently and accurately across the entire system landscape, considering all application and business object dependencies.
  • Establishment of Operational Processes: After the initial deployment, we focused on the establishment of operational processes to ensure that the data deletion solution remains effective over time. This included setting up ongoing monitoring, management, and adjustments to the workflows as Pax’s IT environment evolves.

Results

The implementation of the Espresso Data Privacy solution has led to significant improvements for Pax Insurance, including:

  • Full Automation of Deletion and Anonymization: The solution completely automated the data deletion and anonymization processes across multiple systems, eliminating manual workflows.
  • Substantial Time Savings: By automating data deletion and anonymization, Pax achieved considerable time savings, streamlining internal processes and reducing operational overhead.
  • Full Compliance with GDPR/DSG Standards: The solution ensures that all data deletion processes are fully compliant with the latest GDPR and DSG regulations, reducing legal and regulatory risks.
  • Enhanced System Reliability: The automated orchestration of data deletion across various systems improved overall system reliability, minimizing the risk of errors and inconsistencies in data management.
  • Successful Production Rollout: Espresso Data Privacy was successfully deployed into production, enabling Pax to manage complex data deletion requirements with ease.
  • Deletion of Diverse Business Data Across Multiple Applications: The solution seamlessly orchestrated the deletion of different types of business data from various applications, ensuring a consistent and secure process.

Client Testimonial

Marco Roth, Head of Operations

"Pax stands for simple, digital processes with personal service for its customers and sales partners. Thanks to the Espresso Data Privacy solution, we have streamlined these processes and achieved full compliance with data protection laws effortlessly. The system has ensured smooth, uninterrupted operations across our organization, with minimal intervention required. We can now perform seamless upgrades without disrupting our day-to-day activities.

Additionally, the partnership with the team behind the solution has been invaluable — their expertise and support have been crucial in enabling us to achieve our goals while maintaining operational efficiency."


Future Outlook

Our partnership with Pax continues as we explore additional automation features and further enhancements to both their data management processes and our Espresso Data Privacy solution. We value the close and open collaboration, built on strong mutual trust, which enables us to continuously adapt and evolve the solution to meet Pax’s changing needs. This ongoing partnership ensures that Pax remains at the forefront of data privacy management while maintaining operational efficiency and compliance.


Download Case Study

You can download a printable version of this reference case as a handout (PDF):

Included in the handout:
  • Architecture and integration overview (SAP, Azure)
  • GDPR/DSG compliance strategy
  • Project milestones and business outcomes

Download Pax Reference Case (PDF)


Contact Us

Looking for a solution to streamline your data privacy processes? Contact us to learn more!

  • Espresso Data Privacy team
    info@espressodataprivacy.com
  • Yoosana GmbH, Gotthardstr. 30, 6300 Zug, Switzerland
    yoosana.com / info@yoosana.com / 0041 79 837 15 16

Want to learn more about our technology? Explore the full documentation or understand the deletion concept behind the Espresso Data Privacy platform.