diff --git a/README.md b/README.md index 01d7a81..06931c4 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,9 @@ GDPR statement: *Personal data should be processed in a manner that ensures appr confidentiality of the personal data, including for preventing unauthorized access to or use of personal data and the equipment used for the processing.* -Please add a ⭐**star** if you like our project. +## 🚀 Spead a word and raise awareness about GDPR compliance +Help us to spead the word about this project and raise awareness. Please add a ⭐ **star** to make it happen. + #### Diagram of old-style solution. @@ -90,20 +92,49 @@ https://databunker.org/doc/benchmark/ * Backend at https://privacybunker.io/ * Backend at https://bitbaza.io/ -**Send us a note** if you are running Databunker in production mode. +⚠️ **Send us a note** if you are running Databunker in production mode, so we can add your wesbite to the list. + +## Privacy by design + +This product, from the architecture level and down to code was built to comply with strict privacy laws such as GDPR and CCPA. Deploying this project can make your architecture **privacy by design** compliant. For more info, check out the following article: + +https://databunker.org/use-case/privacy-by-design-default/ + +## Transparency and Accountability principle + +Any system or customer connecting to Databunker must provide an **access token** to authorize any operation, otherwise, the operation will be aborted. An end customer can login to his profile with a random authorization code sent by email or SMS. + +All operations with personal records are **saved in the audit log**. + +Any customer can log in to his account at Data Bunker and view the **full audit of activities** performed on his profile. + +![Forget me](images/ui-audit-log.png) + +## Integrity and confidentiality + +**All personal data is encrypted**. An audit log is written for all operations with personal records. +Any request using Databunker API is done with **HTTPS SSL certificate**. The enterprise version supports Shamir's Secret Sharing +algorithm to split the master key into a number of keys. A number of keys (that can be saved in different hands in the +organization) are required to bring the system up. -# This project resolves most** of the GDPR requirements for you including: +# This projects provides an instant solution for GDPR compliance and user rights: -**NOTE**: Implementing this project does not make you fully compliant with GDPR requirements and you still +1. Right of access +1. Right to restrict processing / Consent withdrawal +1. Right to be forgotten / Right to erasure +1. Right to rectification/ Data Accuracy +1. Right to data portability + +⚠️ **NOTE**: Implementing this project does not make you fully compliant with GDPR requirements and you still need to consult with an attorney specializing in privacy. -**NOTE**: When we use the term "Customer" we mean the data of the end-user that his information is being stored, shared, and deleted. +⚠️ **NOTE**: When we use the term "Customer" we mean the data of the end-user that his information is being stored, shared, and deleted. + ## Right of access -Databunker extracts **customer email**, **customer phone** values out of the customers' personal records. It gives your customer **passwordless** access to his data stored under his account. This is done by generating a random access key send by email or by SMS. Your customer can sign in into Databunker, view information stored by Databunker, and make changes in compliance with a company's policy. - +Databunker extracts **customer email** and **customer phone** values out of the customers' personal records. It gives your customer **passwordless** access to his data stored under his account. This is done by generating a random access key sent by email or by SMS. Your customer can sign-in into Databunker, view information stored by Databunker, and make changes in compliance with a company's policy.

login form @@ -118,40 +149,23 @@ Databunker can manage all of the customer's consents and agreements in one place ![Consent management](images/ui-consent-management.png) ![Consent withdrawal](images/ui-consent-withdrawal.png) -**NOTE**: Data bunker can call your backend script on a consent withdrawal (callback). You will have to handle these requests and remove -the customer records from other 3rd party processing companies. For example web recording services, email gateways, etc... - -## Privacy by design - -This product, from the architecture level and down to code was built to comply with strict privacy laws such as GDPR and CCPA. Deploying this project can make your architecture **privacy by design** compliant. For more info, check out the following article: - -https://databunker.org/use-case/privacy-by-design-default/ - - -## Transparency and Accountability principle - -Any system or customer connecting to Databunker must provide an **access token** to authorize any operation, otherwise, the operation will be aborted. An end customer can login to his profile with a random authorization code sent by email or SMS. - -All operations with personal records are **saved in the audit log**. - -Any customer can log in to his account at Data Bunker and view the **full audit of activities** performed on his profile. - -![Forget me](images/ui-audit-log.png) +⚠️ **NOTE**: Databunker can call your backend script on a consent withdrawal (callback). You will have to handle these requests and remove +the customer records from other 3rd party processing companies. For example from email newsletter service, etc... ## Right to be forgotten / Right to erasure -When your customer requests to exercise his **right to be forgotten**, his private records will be wiped out of the Data Bunker database, giving you the possibility to leave all internal databases intact while not impacting any of your other systems. +When your customer requests to execute his **right to be forgotten**, his private records will be wiped out of the Databunker database, giving you the possibility to leave all internal databases intact while not impacting any of your other systems. -Upon customer removal request, Data bunker can call your backend script (callback) with the customer details. You will have to handle these requests and remove other customer records from 3rd party processing companies. For example from web recording services, email gateways, etc... +Upon customer removal request, Databunker can call your backend script (callback) with the customer details. You will have to handle these requests and remove other customer records from the 3rd party processing companies. For example from browsing recording services, etc... ![Forget me](images/ui-forget-me.png) -**NOTE**: You will need to make sure that you do not have any customer identifiable information (PII) in your other databases, -logs, files, etc... +⚠️ **NOTE**: You will need to make sure that you do not have any customer identifiable information (PII) in your other databases, +logs files, etc... -## Right to rectification/ Data Accuracy +## Right to rectification/ Data accuracy -Your customer can sign in to his personal account at Databunker and change his records, for example, **change his name**. +Your customer can sign-in to his personal account at Databunker and change his records, for example, **change his name**. Databunker can fire a callback operation with customer's details when a customer operation takes place. ![Change profile](images/ui-profile-edit-and-save.png) @@ -161,18 +175,10 @@ Databunker can fire a callback operation with customer's details when a customer Your customer can sign in to his personal account at Databunker and view and **extract all his records stored at Databunker.** -**NOTE**: You will need to provide your customers with a way to extract data from other internal databases. +⚠️ **NOTE**: You will need to provide your customers with a way to extract data from other internal databases. -## Integrity and confidentiality - -**All personal data is encrypted**. An audit log is written for all operations with personal records. -Any request using Databunker API is done with **HTTPS SSL certificate**. The enterprise version supports Shamir's Secret Sharing -algorithm to split the master key into a number of keys. A number of keys (that can be saved in different hands in the -organization) are required to bring the system up. - - -## NOTE +## ⚠️ NOTE **Implementing this project does not make you fully compliant with GDPR requirements and you still need to consult with an attorney specializing in privacy.** @@ -220,8 +226,12 @@ Follow this [article](https://databunker.org/doc/start/). --- -# Contact us +# We always strive to make our projects better -If you have any questions, you can contact the development team at office@privacybunker.io +Your feedback is very important for us. + +Give us a ⭐ **star** if you like our product. + +If you have any questions, you can contact the development team at office@privacybunker.io. Join the project slack channel to talk with developers: [https://databunker.slack.com/](https://join.slack.com/t/databunker/shared_invite/zt-b6ukxzw3-JCxv8NJDESL40haM45RNIA)