Quantyca Data Privacy image


Digital evolution has brought several improvements: the volumes of personal data collected, their diffusion across corporate systems and the opportunities generated in order to produce personalized customer experiences.

At the same time, the regulatory obligations for personal data managers have also increased (e.g. GDPR, IVASS Regulation no. 38/2018, Bank of Italy Circular 263 and 285, etc. ..).
A correct management of this data is therefore crucial to avoid economic and reputational damage due to improper use.

Data privacy aims to de-identify the data management through various anonymisation techniques in order to allow its use while reducing the regulatory constraints that need to be observed in order to be compliant.


Among the main problems related to the lack of data privacy management we can find:

  • High risks of sanctions for non-compliance in the processing of personal data
  • Limits on the use of collected data to avoid sanctions
  • Reputational risks due to public evidence of misuse of collected personal data
is the percentage of turnover
that defines the ceiling for the regulator's combined penalties for non-compliance with GDPR rules (2021)
of companies expect an increase
in data privacy spending in the coming year, with an average increase of 50%
IBM (2020)
of Americans are not entirely sure
whether companies would admit mistakes or take responsibility for misuse or compromise of their personal data, and 69 per cent express doubts about their data being used for purposes they would welcome
Pew Researcher Center (2019)


The cloud data platform exploits the peculiarities of the cloud to acquire, transform, store and make accessible a potentially unlimited amount of data, reducing operational costs and increasing development agility.

Once acquired in batch or real-time mode, the data is stored and consolidated within the data lake by on-demand integration processes.

On top of the data lake consisting of a scalable and cost-effective storage system (i.e. object storage), query engines are grafted to access the data. Depending on the type of access pattern, it is possible to have different types of query engines.

It is also possible to have a data visualization tool to provide analytical consumers with a single semantic data access layer, thus masking the underlying fragmentation into multiple query engines.

The full route

1. Foundation
Infrastructure setup; at-rest encryption of all data; de-identification for entities containing higher risk information for a limited set of personal data types (e.g. email and credit cards)
2. Govern
Integration with governance tools for defining data types and protection requirements; use of discovery tools for data whose type of information is not known in advance; drill-down of roles to specify Row-Level and Column Level security rules for each entity
3. Expand
Expand coverage to other entities and data types


Greater trust of data sharers
Greater control over data
Reduced risk following a critical data privacy event
Reduction of risks related to sanctions for compliance violations

Need personalised advice? Contact us to find the best solution!

This field is for validation purposes and should be left unchanged.

Join the Quantyca team, let's be a team!

We are always looking for talented people to join the team, discover all our open positions.