Portfolio No.: 9602-03
Subject: Data Protection

PROMOS pseudonymisation tool for test systems

Data protection-compliant system copies and test systems thanks to pseudonymised data

You probably know this! Test systems are always used in companies when new functionalities, solutions or simple changes to customising have to be tested for their effectiveness and manageability. For this purpose, a one-to-one copy of the live system is usually created, which contains real data from all business partners and therefore personal data, e.g. from the tenants. This situation is problematic from a data protection perspective.

The PROMOS tool for pseudonymisation was developed so that housing companies can continue to carry out tests with a large number of distinguishable values on their systems. The tool pseudonymises all personal data on a test system. This involves changing the data of both active and inactive partners so that they are given a unique pseudonym. This allows us to continue working with these pseudonymised but distinguishable values while complying with the requirements of the EU GDPR.

Article 6 (4), Article 25 (1) and Article 32 (1) of the EU GDPR stipulate requirements for the pseudonymisation of personal data, which can be easily implemented in test systems with the help of the PROMOS pseudonymisation report.

How it works

Pseudonymisation is carried out simply by starting a program that is executed as part of the setup of a test system. Customising settings define which fields are to be pseudonymised in which tables and how this is to be done. Based on these settings, all data in the SAP® standard tables and in the customer-specific tables is pseudonymised. Unlike anonymisation, pseudonymisation does not require any technical checks to be carried out on the data records.


In pseudonymisation, personal data is replaced by pseudo-random expressions using an automatic algorithm. For this, the following criteria must be taken into account:

  1. The conversion of data for a business partner is performed in the same way at every point in the system. Each real expression always receives exactly one pseudonym everywhere in order to ensure that the data can be analysed.
  2. In each case, the conversion must not be traceable, for example by replacing each letter “a” in the system with a “p”.
  3. The new expressions must be different from each other.
  4. And each replacement should also have the same form. This means that an email address must also look like an email address after conversion.

If these criteria are properly met, the data can still be logically analysed by your company in the test system and the personal data is falsified in such a way that the data cannot be viewed or misused.

Both the first and last name as well as all other personal data are pseudonymised, leaving the e-mail address and telephone number for example in the same format.

A log shows the results.

Further information

  • Authorisations: As a rule, the authorisations for users in a test system are much broader than in a live system in order to be able to adequately check the results of tests. In accordance with the “need-to-know” principle, the protection of personal data must also be ensured in a test environment, for which pseudonymisation with the PROMOS tool provides an ideal solution.
  • Use of real data: In the event that certain tests, such as utility statements, cannot be carried out without real data, a partner’s data can be copied directly from the live system to the test system, where the pseudonymised data is temporarily overwritten. Once the tests have been completed, the data can be protected by pseudonymisation again.
  • Results log: A log shows the results of the pseudonymisation program in a way that is comprehensible to the user.

Your benefit

Evaluability and legal compliance: The conversion of data using the PROMOS pseudonymisation tool is a simple and quick way to provide testable and evaluable data while fully complying with all requirements of the EU GDPR.

Generic concept: The PROMOS tool makes it easy to implement the pseudonymisation of personal data for use in your test system. Database tables to be overwritten are defined using customising settings – both in the standard SAP® tables and in the customer’s own tables.

Data protection: The risk of data protection violations is already minimised at system level and compliance with the requirements resulting from the EU GDPR is guaranteed.

End user

  • Real estate management
  • Customer support
  • Accounts receivable/accounts payable
  • Data protection officer
  • Data protection coordinators

Please contact us:

PROMOS consult Projektmanagement,
Organisation und Service GmbH
Rungestraße 19
10179 Berlin-Mitte

to the contact form
Please wait