awesome-gdpr
GDPR toolkit
A curated collection of resources and tools for implementing the General Data Protection Regulation (GDPR) in software development projects
Protection of natural persons with regard to the processing of personal data and on the free movement of such data.
210 stars
10 watching
21 forks
last commit: 6 months ago awesomeawesome-listcurated-listgdprgdpr-checklistgeneral-data-protection-regulationprivacyprivacy-by-designprivacy-toolssecurity-tools
Awesome GDPR / Legal text | |||
| GDPR (2016/679) | Official version of GDPR | ||
| GDPR-info | GDPR linked to relevant articles and section in the preamble (Non-official site) | ||
| GDPR-expert | Compare the Regulation, Directive and National legislation. Linked to relevant section in preamble (Non-official site) | ||
| GDPRhub -> GDPR Articles | GDPR articles included commentary | ||
Awesome GDPR / Guidelines | |||
| Guidelines | & from the European Data Protection Board (EDPB) | ||
| ICO: Guide to GDPR | |||
| Handbook on European data protection law | Handbook issued by EU | ||
| Factsheets | Factsheets from EU Data Protection Supervisor | ||
Awesome GDPR / Rights of the data subject (art. 12 - 23) | |||
| Open source privacy notice template (Juro) | 174 | over 3 years ago | |
Awesome GDPR / Privacy by Design - Guides for developers (art. 25) | |||
| CNIL - GDPR Developer Guide | 328 | almost 2 years ago | |
| Norwegian DPA - Software development with Data Protection by Design and by Default | |||
| Data Pseudonymisation: Advanced Techniques and Use Cases | Report on pseudonymisation techniques from ENISA | ||
| Anonymisation, pseudonymisation and privacy enhancing technologies guidance - ICO | |||
Awesome GDPR / Records of Processing (art. 30) | |||
| Iubenda - Register of data processing activities | |||
Awesome GDPR / Security (art. 32) | |||
| OWASP Top 10 | Top 10 Web Application Security Risks | ||
| OWASP Cheat Sheet Series | Concise collection of high value information on specific application security topics | ||
| Anonymisation, pseudonymisation and privacy enhancing technologies guidance | |||
Awesome GDPR / Incident management (art. 33 and 34) | |||
| ENISA: Recommendations for a methodology of the assessment of severity of personal data breaches | |||
| Google, SRE: Managing Incidents | |||
| Troy Hunt: Data breach disclosure 101 | |||
| Awesome Incident Response | 7,682 | 4 months ago | |
| GDPR Enforcement Tracker | Overview of fines and penalties | ||
Awesome GDPR / Data Protection Impact Assessments (DPIA, art. 35) | |||
| Open-source DPIA software from the French DPA | |||
| Guidelines on Data Protection Impact Assessment (WP29) | |||
| ISO-standard: Guidelines for privacy impact assessment | |||
| DPIA template from ICO | |||
| Public DPIA Teams OneDrive SharePoint and Azure AD | DPIA of Microsoft Teams in combination with OneDrive, SharePoint Online and the Azure Active Directory | ||
Awesome GDPR / Tools | |||
| Website Evidence Collector (WEC) | 425 | 5 months ago | EDPS Inspection Software |
| Data protection around the world | (CNIL) Map of the level of data protection in each country | ||
| Data Protection Laws of the world | (DLA Piper) Compare data protection laws around the world | ||
Awesome GDPR / Data Protection Authorities (art. 51 -59) | |||
| European Data Protection Board | EDPB | ||
| European Data Protection Supervisor | EDPS | ||
| European Union Agency for Network and Information Security (ENISA) | ENISA | ||
| List of Data Protection Authorities | |||
Awesome GDPR / Organisations / Projects | |||
| Electronic Frontier Foundation | Nonprofit defending digital privacy, free speech, and innovation | ||
| International Association of Privacy Professionals | A resource for privacy professionals | ||
| Privacy International | Charity that challenges the governments and companies that want to know everything about individuals, groups, and whole societies | ||
| NOYB | Organisation that brings important issues to the attention of DPAs, enforces the law in civil court or directly engages with companies | ||
| GDPR.eu | Resource for organisations and individuals researching the GDPR (Not official website) | ||
| CyLab Usable Privacy and Security Laboratory | Research related to understand and improving the usability of privacy and security | ||
| EPIC | Electronic Privacy Information Center | ||
| Future of Privacy Forum | Catalyst for privacy leadership and scholarship, advancing principled data practices in support of emerging technologies | ||
| W3C Privacy Interest Group | Leading the web to its full potential | ||
| CISPE Code of Conduct | Pan-European sector-specific code for cloud infrastructure service providers under Article 40 | ||
Awesome GDPR / Publications | |||
| GDPR Today | Privacy news from the Open Rights Group | ||
| Spread Privacy | DuckDuckGo Blog | ||
| Freedom To Tinker | Blog from Princeton's CITP, a research center that studies digital technologies in public life | ||
| pdpEcho | All about personal data protection and privacy, by Gabriela Zanfir-Fortuna | ||
| GDPRhub | Free and open wiki that allows anyone to find and share GDPR insights across Europe | ||
Awesome GDPR / Related | |||
| Privacy Respecting | 1,957 | about 1 year ago | |
| Awesome: Security | 334,113 | about 7 hours ago | |
| Awesome: Humane Tech | 3,020 | about 2 years ago | |
| Awesome: Privacy | 13,521 | 1 day ago | List of free, open source and privacy respecting services and alternatives to privative services |
| Developers Guide to HIPAA Compliance | 1,666 | over 1 year ago | |
| Analytics without cookies | |||
| European web analytics services | |||
| EU Alternatives | |||