This document establishes general principles for and methods of processing personal identifiable information (PII) in BC/DLT-systems. It specifies technical and organizational measures for data protection while taking into account the principles of “privacy by design” as well as specifications that are inspired by legal frameworks, in particular the GDPR. The document clarifies relevant terms for both technical as well as legal experts. It establishes a methodological framework that helps identifying types of PII as well as mapping legal principles of the GDPR to technical measures available to improve data protection or mitigate the risk of processing PII in BC/DLT-systems. This document is aimed towards establishing a high level of privacy in BC/DLT-systems. This document is applicable to all BC/DLT-systems.