Context
A financial institution serving diaspora customers faced both Senegalese law (CDP) and the European GDPR. Customer data lived in five unreconciled systems, with duplicates, untraceable consents and access requests handled ad hoc.
The challenge
Build a single compliance posture satisfying both frameworks, without paralyzing sales teams, and turn a data-quality liability into an asset usable by marketing and risk.
Our approach
- 01
A single processing register aligned with the strictest standard, with impact assessments for high-risk processing.
- 02
Business data owners and publicly tracked quality rules (completeness, duplicates, freshness).
- 03
A golden customer record with assisted deduplication, consent management and automated retention-based purge.
- 04
A tooled process for individual rights (access, rectification, objection) with tracked deadlines, and a tabletop-tested breach-response procedure.
Results
Customer data quality improved by more than 90% on tracked indicators, access requests are handled within days with evidence, and CDP filings are current. The golden record now feeds risk scoring and campaigns.
