There are three main reasons to use pseudonymization:
- It is required by the GDPR wherever the purposes permit it,
- it substantially reduces the risk for data subjects, and
- it therefore permits controllers to reduce the effort of implementing (other) technical and organizational measures.