https://github.com/securitybunker/databunker

securitybunker / databunker

Secure storage for personal records built to comply with GDPR

databunker.org/

MIT License. 232 stars, 14 forks.
Latest commit: stremovsky, "add links", 42da095, Apr 3, 2021. 675 commits.

README.md

Databunker

Databunker is a Personally Identifiable Information (PII) Data Storage Service built to Comply with GDPR and CCPA Privacy Requirements.

Project demo is available at: https://demo.databunker.org/. Please add a star if you like our project.

We live in a world where the privacy of our information is nonexistent.
The EU has been working to remediate this fallacy with GDPR, and the US (California) follows with a first sparrow called CCPA.

The Data Bunker Project is intended to ease the acceptance of GDPR and CCPA regulations while giving organizations easy-to-implement APIs, a secure database to store PII, and a privacy portal. This will give all of us, the real data owners, control of our data, and allow us to know who is using our data and what they are doing with it, and to have the freedom to decide whether we agree to that or not.

This project, when deployed correctly, replaces all the customer's personal records (PII) scattered in the organization's different internal databases and log files with a single, randomly generated token managed by the Data Bunker service.

By deploying this project and moving all personal information to one place, you will comply with the following GDPR statement:

    Personal data should be processed in a manner that ensures appropriate security and confidentiality of the personal data, including for preventing unauthorized access to or use of personal data and the equipment used for the processing.

Diagram of old-style solution.

[picture]

Diagram of Solution with Paranoid Guy Data Bunker

[picture]

Other documents: INSTALLATION

Demo

Project demo is available at: https://demo.databunker.org/

You can see management for Natural person (data subject) account access:

* Phone: 4444 Code: 4444
* Email: test@securitybunker.io Code: 4444

Demo Admin access token: DEMO

---------------------------------------------------------------------

Node.js Examples

1. Node.js example implementing passwordless login using Databunker: https://github.com/securitybunker/databunker-nodejs-passwordless-login
2. Node.js example with Passport.js, Magic.Link and Databunker: https://github.com/securitybunker/databunker-nodejs-example
3. Secure Session Storage for Node.js apps: https://databunker.org/use-case/secure-session-storage/#databunker-support-for-nodejs

Node.JS modules

1. @databunker/store from https://github.com/securitybunker/databunker-store
2. @databunker/session-store from https://github.com/securitybunker/databunker-session-store

Production deployments

* Backend at https://privacybunker.io/
* Backend at https://bitbaza.io/ - under development

Send us a note if you are running Databunker in production.

This project resolves most** of the GDPR requirements for you including:

NOTE: Implementing this project does not make you fully compliant with GDPR requirements and you still need to consult with an attorney specializing in privacy.

NOTE: When we use the term "Customer" we mean the end user whose information is being stored, shared, and deleted.

Right of access

Databunker extracts the customer's email and phone values from the customer's personal records, granting the customer passwordless access to their Databunker personal account. This is done by generating a random access key that Databunker sends to your customer by email or by SMS. Your customer can log in and view all the information collected and saved by Databunker in connection to his profile.

[Images: login form, login with email, verify login with code]

Right to restrict processing / Consent withdrawal

Databunker can manage all of the customer's consents. A customer can withdraw consent or restrict processing in his personal account at Databunker, for example, to block a newsletter service. Your backend site can work with Databunker using our API to add or cancel consents, and a callback operation will be fired when a customer's action takes place.

[Images: Consent management, Consent withdrawal]

NOTE: Data Bunker can call your backend script on a consent withdrawal (callback). You will have to handle these requests and remove the customer records from other 3rd party processing companies. For example: web recording services, email gateways, etc.
Privacy by design

This product, from the architecture level down to the code, was built to comply with strict privacy laws such as GDPR and CCPA. Deploying this project can make your architecture privacy-by-design compliant.

Transparency and Accountability principle

Any system or customer connecting to Databunker must provide an access token to authorize any operation; otherwise, the operation will be aborted. An end customer can log in to his profile with a random authorization code sent by email or SMS. All operations with personal records are saved in the audit log. Any customer can log in to his account at Data Bunker and view the full audit of activities performed on his profile.

[Image: Forget me]

Right to be forgotten / Right to erasure

When your customer requests to exercise his right to be forgotten, his private records will be wiped out of the Data Bunker database, giving you the possibility to leave all internal databases intact while not impacting any of your other systems.

Upon a customer removal request, Data Bunker can call your backend script (callback) with the customer details. You will have to handle these requests and remove other customer records from 3rd party processing companies, for example from web recording services, email gateways, etc.

[Image: Forget me]

NOTE: You will need to make sure that you do not have any customer identifiable information (PII) in your other databases, logs, files, etc.

Right to rectification / Data Accuracy

Your customer can log in to his personal account at Data Bunker and change his records, for example, change his Name. Databunker can fire a callback operation with the customer's details when a customer action takes place.

[Image: Change profile]

Right to data portability

Your customer can log in to his personal account at Data Bunker and view and extract all his records stored at Data Bunker.

NOTE: You will need to provide your customers with a way to extract data from other internal databases.
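The tokenization and erasure model described above (personal records replaced by a random token, then wiped on a forget-me request while other databases stay untouched), sketched in Go as an added illustration. This is not Databunker's code: the names Vault, NewVault, Tokenize, Resolve and Forget are hypothetical, and the in-memory map and AES-256-GCM are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Vault is a hypothetical in-memory PII store for illustration, not Databunker code.
type Vault struct {
	aead    cipher.AEAD
	records map[string][]byte // token -> nonce || ciphertext
}

func NewVault(key [32]byte) *Vault {
	block, _ := aes.NewCipher(key[:]) // assumed cipher; a 32-byte key is always valid
	aead, _ := cipher.NewGCM(block)
	return &Vault{aead, map[string][]byte{}}
}

// Tokenize encrypts pii under a fresh random token, bound to it as associated data.
func (v *Vault) Tokenize(pii string) (string, error) {
	buf := make([]byte, 16+v.aead.NonceSize())
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	token, nonce := fmt.Sprintf("%x", buf[:16]), buf[16:]
	v.records[token] = v.aead.Seal(nonce, nonce, []byte(pii), []byte(token))
	return token, nil
}

// Resolve returns the PII behind a token, or an error once the record is gone.
func (v *Vault) Resolve(token string) (string, error) {
	rec, n := v.records[token], v.aead.NonceSize()
	if len(rec) < n {
		return "", fmt.Errorf("no record for token %s", token)
	}
	pii, err := v.aead.Open(nil, rec[:n], rec[n:], []byte(token))
	return string(pii), err
}

// Forget erases the record; tokens left in other databases become meaningless.
func (v *Vault) Forget(token string) { delete(v.records, token) }
func main() {
	v := NewVault([32]byte{}) // constructed all-zero demo key
	token, _ := v.Tokenize("alice@example.com")
	v.Forget(token)
	fmt.Println(v.Resolve(token)) // the erased token no longer resolves
}
```

Because the token is random rather than derived from the record, order tables and log lines that hold only the token need no rewrite after erasure.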
Integrity and confidentiality

All personal data is encrypted. An audit log is written for all operations with personal records. All access to the Data Bunker API is done over HTTPS using an SSL certificate. The Enterprise version supports Shamir's Secret Sharing algorithm to split the master key into a number of keys. A number of keys (that can be saved in different hands in the organization) are required to bring up the system.

NOTE

Implementing this project does not make you fully compliant with GDPR requirements and you still need to consult with an attorney specializing in privacy.

---------------------------------------------------------------------

Databunker use cases

Detailed information can be found at https://databunker.org/use-case/

* Personal information tokenization and storage
* Pseudonymized user identity for cross-border information transfer
* Personal information consolidation
* Critical data segregation
* Trace customer profile changes and access
* Temporary customer/app/session identity for 3rd party services
* Data minimization and GDPR Scope reduction
* Consent management, i.e. withdrawal
* Encrypted session storage
* GDPR compliant logging
* DPO friendly service
* User privacy portal
* Passport.js support

---------------------------------------------------------------------

External blogs and articles covering Databunker

1. https://dbweekly.com/issues/348
2. https://www.freecodecamp.org/news/how-to-stay-gdpr-compliant-with-access-logs/
3. https://databunker.org/

If you published an article about Databunker send us a link at yuli@privacybunker.io

---------------------------------------------------------------------

Databunker quick start guide

Follow this article.
---------------------------------------------------------------------

Contact us

If you have any questions, you can contact me at yuli@privacybunker.io

Join the project slack channel to talk with developers: https://databunker.slack.com/

Topics: golang security privacy encryption database vault application-server compliance passportjs tokenization gdpr legaltech anonymization pii data-anonymization privacy-by-design user-consent piidata ccpa gdpr-requirements

Contributors: stremovsky (Yuli), booaazz

Languages: Go 65.1%, HTML 22.8%, JavaScript 8.1%, Shell 1.9%, CSS 1.6%, Dockerfile 0.5%