Introduction to the Personal Data eXchange

PDX Overview


The Personal Data eXchange is a highly available, resilient interoperability engine that provides secure two way APIs for reading and writing to a Mydex Members Cloud based Personal Data Store hosted in the Mydex Safe Secure Cloud.

The Personal Data eXchange is available 365 days a year and 24 hours a day. The Personal Data eXchange is hosted in the United Kingdom within the Mydex Safe Secure Cloud infrastructure and operated under an independently certified ISO27001:2022 Information Security Management System. The Personal Data eXchange is designed to be resilient, highly available, scalable, and performant.

The Personal Data eXchange enables Members and Subscribers to connect with each other for the exchange of personal data and service event data. All exchanges are under a uniform legal contract that we call a Data Sharing and Services Agreement which is fully GDPR compliant. This agreement between the Member and the Subscriber. Members are able to review, modify, approve or reject a Data Sharing and Services Agreement when presented by a Subscriber.

Subscribers can plug into the Safe Secure Cloud for the purposes of seamless two way data and event exchange whether to deliver or collect data via secure APIs. Subscribers are able to define their GDPR compliant Data Sharing and Services Agreements to meet their needs. This sets out the use cases involved, the nature of data and services to be used and a full GDPR declaration of compliance.

All connections between Members and Subscribers are uniquely encrypted and authenticated. Data Sharing and Services Agreements can be updated at any time with Member consent and Members can remove a Subscriber at any time. Subscribers can disconnect from a Member if and when services cease to be required.

Mydex as the Safe Secure Cloud provider acts as the agent of the Member and enforces the approved Data Sharing and Services Agreements automatically.

Mydex has no access or rights to their Members Personal Data Store beyond execution of their approved Data Sharing and Services Agreements and provision of the services to Members.

All data moved across the Personal Data eXchange between the Member and the Subscriber is uniquely encrypted, no two connections and exchanges are the same ever.

The Personal Data eXchange manages the integrity, linking and filing and updating a Members Personal Data Store automatically requiring no effort from Members or Subscribers.

The Personal Data eXchange offers Feature Blocks which are collections of data and services using consistent API structure to simplify integration and provides the Mydex Template System to enable configuration of unique combinations of data and formats to streamline third party integration and interoperability. All templates are available to any Subscriber as part of the shared services and interoperability mission of Mydex CIC.

The following section outlines the necessary steps for a developer, new to the Mydex Safe Secure Cloud, to get going:

The first thing you need to do is create an account via our Connection Manager so you can access our Sandbox environment. Please see getting a dedicated connection.

  1. Register and create your account. This includes setting up your very own MydexID and Personal Data Store on our live service which is free to you for life.
  2. Login to the Connection Manager.
  3. Request your own Dedicated Connection to The Personal Data Store Sandbox. This will cover the datasets and services you initially want to experiment with that are relevant to your objectives. You will set out your specific use cases and make a GDPR declaration.

    Mydex CIC will advise you once your Dedicated Connection is set up, and will supply you Dedicated Connection credentials as well as a set of OAuth2.0 credentials via a secure channel normally Signal or Whats App

  4. Review the comprehensive online documentation and follow the steps to make use of your Connection
  5. Once have your ClientID, Connection NID and Dedicated Connection tokens you will be able to use them, along with an OAuth2.0 access token, to:
    • register MydexIDs and Personal Data Stores
    • make first time connections between a Personal Data Store and your own service or application. We have full documentation and Public GitHub repository with Postman Tests, Curl Requests and example PHP
  6. Test sending data from your service to the personal data store.
  7. Test collecting data from a personal data store using one or more of the datasets, templates or Feature Blocks contained within your dedicated connection.
  8. Perform processing on collected data to meet your needs.