BPR4GDPR’s Trial 2: compliance-as-a-service in cross-organisational automotive CRM

The CAS automotive CRM (Customer Relationship Management) system, which is used in BPR4GDPR’s second trial, caters to the needs of multiple stakeholders participating in the network of car dealerships. Today, car dealers use modern networking and computing capabilities that include online services that store and process their users’ personal data. Cross-organisational collaboration involves the full breadth of involved stakeholders within the automotive CRM context: car dealers, car manufacturers, suppliers, auto certification services (TÜV, ΕΛΟΤ Α.Ε.), call centres, service providers, customers, lead data providers, vehicle license issuers, vehicle registration certificate issuers, employees, job applicants, leads, or banks. The information processed in this trial includes personal information such as client and lead data, digitalised receipts, client activities, services provided to clients, or interactions of all stakeholders with clients and leads. The aim of the trial is to enforce GDPR compliance in typical settings in which car dealerships conduct their business and network. The trial uses privacy-aware process re-engineering to enable GDPR compliance to the regulation by implementing technical mechanisms and business processes for accountability, process verification, and adaptation. The aim of the trial is broken down into the following three research and innovation goals:

More details can be found here.