The CNIL publishes a GDPR guide for developers
In order to assist web and application developers in making their work GDPR-compliant, the CNIL has drawn up a new guide to best practices under an open source license, which is intended to be enriched by professionals.
Is this guide only for developers?
This guide is mainly aimed at developers working alone or in teams, team leaders, service providers but also at anyone interested in web or application development.
It provides advice and best practices, and thus gives useful keys to understand the GDPR for every stakeholder, regardless of the size of their structure. It can also stimulate discussions and practices within the organisations and in customer relationships.
What does the guide contain?
The GDPR Developer's Guide provides an introduction to GDPR’s main principles and the various aspects to take into account when deploying applications that respect the privacy of its users.
16 thematic files that cover most of the developers’ needs at each stage of their project, from the preparation to the audience’s measurement:
These good practices are not intended to meet all the regulatory requirements nor to be prescriptive. However, they do provide a reflection on the GDPR requirements to be kept in mind when developing projects.
How can you contribute to this guide?
This guide is available in two versions:
- A web version on the CNIL website and in the tab the “Releases” tab of this repository;
- A GitHub version, which offers the possibility for everyone to contribute it.
The contribution is made in a few steps:
- Register on the Github platform;
- Go to the project page;
- You can:
- Use the “Issue” tab to open comments or participate in the discussion.
- Use the “Fork” option to make your own modifications and propose their inclusion via the “Pull Requests” button.
Your contribution proposal will be examined by the CNIL before publication. The web version of the GDPR developer’s guide published on the CNIL website will be regularly updated.
To release this repository yourself, you can use the Pandoc tool. This tool will allow you to convert the records into a docx file or an HTML document.
You can find the instructions to install this tool here
- To generate a .docx file :
pandoc -s --toc --toc-depth=1 -o Guide_RGPD_developper.docx [0-9][0-9]*.md
- To generate an .html file :
pandoc -s --template="templates/mytemplate.html" -H templates/pandoc.css -o index.html README.md [0-9][0-9]*.md