About

We created this book to help developers who are in the process of complying with the GDPR. We believe developers are at the cornerstone of GDPR compliance because the GDPR was created with online privacy at its center, and developers are the architects of our online landscape.

This book will help you understand the inherent goals of the GDPR in a way that will make your compliance journey more intuitive and almost a second nature. We break down the specific requirements of the GDPR and offer practical steps and solutions for compliance. Case studies and examples help to demonstrate the GDPR's principles in relatable, real-world ways.

Whether you're just starting out with compliance or are looking for a solution to a specific problem that you're facing further into your compliance journey, this book will hold the answers and guidance that you need.

Please note that we have captured the details, requirements and interpretations of the GDPR as it stands at the time of writing. This doesn't mean that the information is guaranteed to be without errors or omissions as the GDPR and all laws are living documents. For the most up to date information, please check out our database of current articles addressing the GDPR.

This book is not intended to be legal advice, nor does it create an attorney-client relationship between us and you. While we've done our best to be as accurate as possible and not leave anything out, we acknowledge that laws are always changing, especially in the field of global privacy. Thus, the content may not be 100% accurate at all times. We encourage you to use this book as a starting point for clarity and guidance, and we hope it brings you both.

Best wishes, from our team to yours.

What's inside

Chapter 1: Why the GDPR Affects Developers

Why the GDPR Affects Developers The EU General Data Protection Regulation (GDPR) has had a substantial impact around the world. Marketers have been hurriedly spamming their EU subscribers to ensure that they have legally-valid consent. Businesses running targeted ads in the EU have had to jump through a series of regulatory hoops....

Chapter 2: What is the GDPR?

What is the GDPR? For all its insistence that businesses use "clear and plain language" when communicating with their customers, the GDPR is long, obscure and frankly bewildering in places. The GDPR can be a fantastic opportunity for developers, but only if they truly understand it. It is possible to distill...

Chapter 3: Data Controllers and Data Processors

Data Controllers and Data Processors The GDPR categorizes people and organizations on the basis of their relationship to personal data. These different categories confer very different roles and responsibilities. It's possible to be in one category in some respects, and a different category in others. It's crucially important to understand which category...

Chapter 4: GDPR Data Protection Officer and GDPR EU Representative

GDPR Data Protection Officer and GDPR EU Representative The GDPR is enforced at several different levels: At the top, we have the Data Protection Authorities, who enforce the law at the national level in each EU Member State. At the base level, individual data subjects can enforce protection of their own personal data,...

Chapter 5: Legal Basis - Legitimate Interests vs Consent

Legal Basis: Legitimate Interests vs Consent In an earlier section of the book, we discussed how important it is for processing of personal data to take place on an appropriate legal basis. We looked briefly at the legal bases provided by the GDPR. In this section, we'll be looking in detail at...

Chapter 6: Working with Third Parties

Working with Third Parties No developer is an island. Even if you're working on a solo project, the chances are that you won't be building absolutely everything from the ground up yourself. You might need to use a development platform to help you create a piece of software. You might want...

Chapter 7: User Rights Developers Need To Know

User Rights Developers Need To Know The data subject rights are a way for individuals to maintain maximum control over their personal data. They are a cornerstone of the GDPR and deeply empowering for individuals in the EU. However, facilitating data subject rights requests can represent something of a burden for...

Chapter 8: Principles of the GDPR for Developers

Principles of the GDPR for Developers We've mentioned the principles of the GDPR a few times throughout the preceding chapters. It's important to recognize that these principles aren't abstract philosophical notions - they are directly applicable to your operations as a developer. Principles but applied for Devs? --> Lawfulness, Fairness, and Transparency The...

Chapter 9: Final Steps to Take for GDPR Compliance

Final Steps to Take for GDPR Compliance Having read this far, you know a lot about the GDPR. You should understand the law, your obligations under it, and know how to facilitate your users' rights. Throughout the book, we've been focused on the practical steps you can take to implement the law....

Authors