Onegini Identity Cloud fundamentals

GDPR & Consent Management

Online privacy is increasingly important to both consumers and regulators. The EU has stringent privacy regulations for online data in place, and so do many other countries. The key principles of this regulation should be incorporated into the systems that deal with customer data. That is why we have equipped Onegini Identity Cloud with a range of tools to help you stay compliant.

  • icon
    Fully GDPR-proof
  • icon
    National privacy legislation


Onegini Identity Cloud processes personal data around digital identities. Onegini Identity Cloud offers everything you need to ensure that your customer identity and access management complies with the EU’s General Data Protection Regulation. Onegini complies in terms of Protection, Transparency, Minimization and Free movement.


Onegini Identity Cloud offers your end-user protection in many ways. The digital identity data and transactions are appropriately secured thanks to Onegini Identity Clouds banking-grade security features. The platform uses pseudonymization to separate identifiable data from the digital identity of the user and Onegini provides a full audit trail of all events that occur within the system, so a full history log of events for a specific identity can easily be provided.

Onegini Connect Insights 2


It should be transparent to the end-user what data is being used. With Onegini Identity Cloud, you can always inform your customer of the way their data is being handled and the purposes for which it is used. Customer consent is an integral part of the registration journey, without disrupting the customer experience. Customers are free to withdraw their consent at any time within Onegini Identity Cloud. 


Data minimization and free movement of data

In order to meet data minimization, you can easily ensure that customer data is only used for relevant business processes. Other data that is obtained, like for instance location, is used to prevent fraud and is used for no other purpose like for instance marketing. Free movement of data:  Because Onegini Identity Cloud is built from the ground up in a privacy by design approach, the software complies as can be expected. The functionality provides individuals (and third-party organizations when required) access to their data in a machine-readable format based on specified rules such as the number of times, time frame, and scope. It is possible to block or delete accounts to ensure the customer’s right to be forgotten.

businessman hand working with modern technology and digital layer effect as business strategy concept-1

National privacy legislation

Aside from European legislation, your organization also has to comply with national legislation and regulations on the topic of privacy and consent. Onegini will support all country-specific compliance rules. This may include the creation of different identification procedures for certain security levels or different terms to keep the audit trail in place.

Download whitepaper

GDPR compliance for insurers