WP2: Use cases, requirements and architecture

This WP will provide the ground for defining the BPR4GDPR architecture and operational principles. In this context, the starting point will be the definition of relevant use cases, as well as the in depth analysis of the applicable regulatory framework, particularly the GDPR. Further, the functional and non-functional requirements that will guide the technical WPs (WP3, WP4 and WP5) towards their specification will be derived; to this end, “future personas empathy map” will be employed as part of the non-functional requirements. The final outcome of WP2 will be a sound system and operation architecture towards compliance, specified on the basis of the legislation, use cases, user expectations and needs, and possible constraints and boundaries.

Role of participants

CAS is leading the WP and the T2.3 focused on specifying functional and non-functional requirements. IDIKA, comprising a very challenging environment for GDPR implementation and supporting the “GDPR compliance in own infrastructures and owned data” scenario, will lead the specification of use cases (T2.1). SLG will bring knowledge and experience both in methodologies as well as architectural concepts and orchestrate the specification of the system architecture (T2.4). BAK will lead the analysis of the legal framework and the extraction of legal requirements for GDPR-compliance (T2.2). Finally, all partners will be involved based on their competences in the use cases, requirements and architecture specification.


In the context of this work package, use cases will be specified and analysed, including, and going beyond, the ones already described in the proposal. Moreover, analysis of the GDPR will provide a solid regulatory ground to build upon, defining the provisions to be followed and the goals to meet during the project. Based on the use cases and regulatory analysis, the technical requirements, which will guide the technical WPs towards their specification process, will be derived. Further, this work package will shape the BPR4GDPR system architecture on the basis of the conceptual scenarios, user expectations and needs, and possible constraints and boundaries. More specifically, the objectives of this WP are summarised as follows:

  • Specification of use cases.
  • Thorough analysis of GDPR, as well as other related acts.
  • Derivation of requirements and association with the technical WPs (WP3, WP4, WP5).
  • Synthetise all the requirements in integrated system functional and technical specifications.
  • Draft an overall general architecture based on building blocks that will take into account the regulatory analysis, functional and non-functional requirements and include user interfaces and APIs.