GDPR Tracker is a crowdsourced directory that makes it easier for companies and consumers to keep track of the data handling practices of their subcontractors and cloud services in real-time.
This repository holds all the services displayed in the directory. We strongly believe that data handling practices should be easily available to business & customers.
You can add a service by following the contribution guidelines.
We use JSON Schema to validate the data and to maintain a high level of data quality. Please find the schema at the following location.
| Field | Type | Format | Required | Description | Options |
|---|---|---|---|---|---|
| id | string | * | Unique id to identify the company | ||
| name | string | * | Name of the company | ||
| description | string | * | Description of the service | ||
| categories | array | * | Categories that the service belongs to | ||
| iconUrl | string | url | * | URL to the icon of the service (recommended size 400x400) | |
| countryHQ | string | ISO ALPHA-2 code | * | Country of HQ | |
| gdprReadyStatus | enum | * | GDPR readiness status of this service | unknown inProgress ready nonCompliant |
|
| privacyUrl | string | url | Link to privacy policy | ||
| dsarFormUrl | string | url | Data Subject Access Rights Form URL | ||
| dpaUrl | string | url | Data Processing Agreement URL | ||
| dataCenters | array | Locations where data is hosted | |||
| hostingProviders | array | Hosting providers | |||
| contacts | array | Appointed DPOs or privacy officers per region | |||
| certifications | enum | Certifications | ISO 27001 PCI DSS SOC 2 Type I SOC 2 Type II HIPAA HITECH RESO |
||
| dataBreaches | array | Reported data breaches | |||
| articles | array | GDPR & privacy related articles |
{
"id": "acme",
"name": "Acme",
"description": "CRM & Customer platform for SMBs",
"categories": [
"CRM",
"Customer Support"
],
"iconUrl": "https://pbs.twimg.com/profile_images/922908923207839744/5EZID3tH_400x400.jpg",
"website": "https://www.acmesaas.com",
"countryHQ": "US",
"gdprReadyStatus": "inProgress",
"privacyUrl": "https://www.acmesaas.com/privacy",
"dsarFormUrl": "https://bs.gdprform.io",
"dpaUrl": "https://www.acmesaas.com/dpa",
"dataCenters": [
"EU"
],
"hostingPartners": [
"AWS",
"Digital Ocean"
],
"contacts": [
{
"type": "DPO",
"name": "John Doe",
"email": "john@dpo.com",
"region": "EU"
},
{
"type": "DPO",
"name": "Tim Doe",
"email": "tim@dpo.com",
"region": "US"
}
],
"certifications": [
"ISO 27001",
"HIPAA"
],
"dataBreaches": [
{
"date": "10/12/2017",
"url": "https://www.beatswtich.com/breach"
}
],
"articles": [
{
"date": "02/12/2018",
"url": "https://www.beatswtich.com/gdpr"
}
]
}
If you want your service to be removed from the tracker. Send in a pull request with the reason stated.
MIT License. Please see the license file for more information.
Made in Belgium / Europe
The GDPR Tracker is created by Privacy Radius. Privacy Radius is a European provider of AI-powered data and privacy solutions to help companies create trusted environments to protect consumers' privacy and data rights.