GDPR Guide For Developers

GDPR (General Data Protection Regulation) Study

Development Aspects

– the right to erasure (the right to be forgotten/deleted from the system)


– right to restriction of processing (you still keep the data, but mark it as “restricted” and don’t touch it without further consent by the user)


– the right to data portability (the ability to export one’s data in a machine-readable format)


– the right to rectification (the ability to get personal data fixed)


– the right to be informed (getting human-readable information, rather than long terms and conditions)


– the right of access (the user should be able to see all the data you have about them)


– data minimization (one should not collect more data than necessary)


– integrity and confidentiality (all security measures to protect data that you can think of + measures to guarantee that the data has not been inappropriately modified)


Operations Aspect


– Encrypt the data in transit


– Encrypt the data at rest


– Encrypt your backups


Overall, the purpose of the regulation is to make you take conscious decisions when processing personal data. It imposes best practices in a legal way.


Reference sites

Leave a Reply

Your email address will not be published. Required fields are marked *