GDPR Rails: Community GDPR compliance tool
GDPR Rails is appropriate for any application running on Ruby on Rails with specific modules designed to carry out most GDPR compliance requirements. Its easy-to-use administration panel provides developers with a central location where they can see all pending data requests or active policies.
- Configurable policy rules, supports Active Record validations for new or existing users
- Supports session-less consent policies which will become persistent once the user signs in or signs up
- Versioning system for new policies
- JSON endpoints to handle pending policies and portability logic in order to be implemented in client only interfaces, ie: frontend apps like React, Vue, Backbone, you name it.
The portability module lets you define export options that will generate a navigable static site with all the data you’ve defined in the portability rules:
- Seamless data export with configurable templates
- Configurable Mailer templates for progress & download completion
- Downloads images to the local filesystem in order to comply with GDPR requirements on data accessibility
- Zips all the information and delivers it with an expirable download link
- ActiveJob to handle the process
- Behind the scenes it uses the Paperclip gem in which you can set up storage like S3 or Google.
“A great open source resource for anyone using Ruby on Rails, GDPR Rails provides a comprehensive set of compliance tools that will continue to grow as GDPR evolves,” said Carlos Yaconi, CEO of Prey Software. “For instance, the Policy Rules module lets the developers create configurable privacy policies and track user consent. Likewise, the Portability module lets you define export options, which will generate a navigable static site with all the data defined in the portability rules.”