Gatekeeper Pattern to ensure GDPR compliance

Since data security is a very important topic in nowadays companies, being GDPR compliant is required if one has planned to store personal contact information. In order to do so, one can use the Gatekeeper Pattern:


In general, this pattern consists of three steps:

  1. Check if the user already accepted GDPR
    • If yes, go to the agent's main Flow
    • If not,
  2. ask if the virtual agent is allowed to store personal information in the future.
    1. If not, deactivate the Cognigy Contact Profile and go to the agent's main Flow.
    2. If yes,
  3.  Activate the Cognigy Contact Profile, store that the user accepted GDPR, and ask for the first name, for example.

For demo reasons, this example uses the natively integrated Cognigy Contact Profile as a light-weight Contact Relationship Management System. Salesforce, Hubspot, or other third-party systems could be used as well.

In order to check the first value, the Flow needs to contain the following If node:


Since the Then path, when the user said "Yes" just goes to the agent's main Flow, let's take a look at the Else case. In this situation, the virtual agent needs to formulate a clear question of whether to store personal information or not. This could be "In order to provide a better user experience in the future, I would like to store some of your personal information. Am I allowed to this?". Afterward, the Flow needs to check the answer, in this case, Yes or No:


After confirming this question, the nodes Activate Profile and Update Profile are used to provide the functionality to update the information if the user accepted the GDPR. As an additional step, the virtual agent now could directly ask a question to the user talking about their first name, for example. Finally, going to the agent's main Flow would end this pattern. 

In the case of non-confirming the GDPR permission question, the virtual agent uses the Deactivate Profile node to disable manipulating personal data and the Go To node as well to forward the conversation to the main part of the virtual agent.



Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful