Atlan Case Studies Tide’s Journey to GDPR Compliance: Automating Privacy Processes with Atlan

Edit This Case Study Record

	Tide’s Journey to GDPR Compliance: Automating Privacy Processes with Atlan Atlan

Tide’s Journey to GDPR Compliance: Automating Privacy Processes with Atlan

Atlan

Technology Category	Cybersecurity & Privacy - Identity & Authentication Management Cybersecurity & Privacy - Security Compliance
Applicable Industries	Buildings Cement
Applicable Functions	Procurement Quality Assurance
Use Cases	Leasing Finance Automation Time Sensitive Networking
Services	Data Science Services
Challenge	Tide, a UK-based digital bank with nearly 500,000 small business customers, faced a significant challenge in improving their compliance with GDPR’s Right to Erasure, also known as the “Right to be forgotten”. The bank's data and legal teams needed to define personally identifiable information and propagate those definitions across their data estate. The process of compliance was difficult and time-consuming, involving manual effort to find and delete data that persisted in secondary systems. Complicating this challenge was a lack of shared definitions of personal data, with differing opinions across organizations from Legal to IT. As Tide's technology stack and architecture grew more complicated, new products and services were introduced, and customers increased over time, the compliance process took only more time and effort. Automating this process became a priority. Read More
About Customer	Tide is a mobile-first financial platform based in the UK, offering fast, intuitive service to small business customers. Data is crucial to Tide, having supported its incredible growth to now nearly 500,000 customers in just eight years. In financial services, data acutely presents risk and demands careful and fastidious protection of sensitive financial information. These risks only increase as enforcement of GDPR increases, with nine-figure fines levied against offending firms in just the last few years. Tide's journey toward data maturity was a daunting one, with the data platform team originally consisting of just two employees. In just four years, the function grew to a team of 67 across data engineering, analytics, data science, and governance. Read More
Solution	Tide adopted Atlan as their metadata platform to improve data discovery, visibility, and governance. Atlan was integrated with their data stack, capturing all relevant metadata. With Atlan, both technical and non-technical users could find the right data asset for their needs, quickly and intuitively. Using Atlan’s data glossary and metrics, Tide began to enjoy better context surrounding their data domains, which set the stage for standardizing classifications of sensitive data like personally identifiable information. Atlan’s automated lineage added transparency so the team could understand where data came from, how it transformed throughout the data pipeline, and where it was ultimately consumed. Tide used Atlan Playbooks (rule-based bulk automations) to automatically identify, tag, and secure personal data, turning a 50-day manual process into mere hours of work. The team is now building a microservices-based orchestrator to handle requests from customers about their personal data, which will be enhanced to anonymize data in accordance with GDPR standards for de-identification and Tide’s data retention obligations as a regulated business. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Identity & Authentication Management

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Buildings

Cement

Applicable Functions

Procurement

Quality Assurance

Use Cases

Leasing Finance Automation

Time Sensitive Networking

Services

Data Science Services

Challenge

Tide, a UK-based digital bank with nearly 500,000 small business customers, faced a significant challenge in improving their compliance with GDPR’s Right to Erasure, also known as the “Right to be forgotten”. The bank's data and legal teams needed to define personally identifiable information and propagate those definitions across their data estate. The process of compliance was difficult and time-consuming, involving manual effort to find and delete data that persisted in secondary systems. Complicating this challenge was a lack of shared definitions of personal data, with differing opinions across organizations from Legal to IT. As Tide's technology stack and architecture grew more complicated, new products and services were introduced, and customers increased over time, the compliance process took only more time and effort. Automating this process became a priority.

About Customer

Tide is a mobile-first financial platform based in the UK, offering fast, intuitive service to small business customers. Data is crucial to Tide, having supported its incredible growth to now nearly 500,000 customers in just eight years. In financial services, data acutely presents risk and demands careful and fastidious protection of sensitive financial information. These risks only increase as enforcement of GDPR increases, with nine-figure fines levied against offending firms in just the last few years. Tide's journey toward data maturity was a daunting one, with the data platform team originally consisting of just two employees. In just four years, the function grew to a team of 67 across data engineering, analytics, data science, and governance.

Solution

Tide adopted Atlan as their metadata platform to improve data discovery, visibility, and governance. Atlan was integrated with their data stack, capturing all relevant metadata. With Atlan, both technical and non-technical users could find the right data asset for their needs, quickly and intuitively. Using Atlan’s data glossary and metrics, Tide began to enjoy better context surrounding their data domains, which set the stage for standardizing classifications of sensitive data like personally identifiable information. Atlan’s automated lineage added transparency so the team could understand where data came from, how it transformed throughout the data pipeline, and where it was ultimately consumed. Tide used Atlan Playbooks (rule-based bulk automations) to automatically identify, tag, and secure personal data, turning a 50-day manual process into mere hours of work. The team is now building a microservices-based orchestrator to handle requests from customers about their personal data, which will be enhanced to anonymize data in accordance with GDPR standards for de-identification and Tide’s data retention obligations as a regulated business.

Impact #1	The adoption of Atlan and the automation of the GDPR compliance process has resulted in improved collaboration between Tide's data and legal teams. The teams now have a common understanding of what constitutes personal data, and this information is documented in their catalog. The automation of the process has not only saved time but also reduced the risk of delays or human error. The team is now able to focus on building broader, more mission-critical solutions. The use of Atlan has also improved context, increased trust in data, and democratized access to Tide’s data. The team is now considering new use cases and ways to drive process efficiencies in their analytics and engineering teams. The success of this project has brought the data team closer to the business, creating organizational change and generating value for the organization.

Impact #1

The adoption of Atlan and the automation of the GDPR compliance process has resulted in improved collaboration between Tide's data and legal teams. The teams now have a common understanding of what constitutes personal data, and this information is documented in their catalog. The automation of the process has not only saved time but also reduced the risk of delays or human error. The team is now able to focus on building broader, more mission-critical solutions. The use of Atlan has also improved context, increased trust in data, and democratized access to Tide’s data. The team is now considering new use cases and ways to drive process efficiencies in their analytics and engineering teams. The success of this project has brought the data team closer to the business, creating organizational change and generating value for the organization.

Benefit #1	Reduced a 50-day manual process into mere hours of work
Benefit #2	Automated identification, tagging, and securing of personal data
Benefit #3	Enabled a 360-degree view of their data estate

Benefit #1

Reduced a 50-day manual process into mere hours of work

Benefit #2

Automated identification, tagging, and securing of personal data

Benefit #3

Enabled a 360-degree view of their data estate

Download PDF Version

Overview

Tide’s Journey to GDPR Compliance: Automating Privacy Processes with Atlan

Operational Impact

Quantitative Benefit