applicationdevelopmentlifecycle/analysisphase.md
14 additions & 31 deletions
@@ -23,13 +23,8 @@ Access to device-specific information \(e.g. UDID, IMEI, MAC addresses, etc.\) M
The processing of personal data makes it necessary to define a **Privacy Policy**. Since the minimum requirements of the local data protection laws have to be fullfilled anyway we suggest to take data protection serious and go a step further to build attractive and competitive apps.
-
*[ ][comment](https://github.com/AppPETs/developer-guidelines/tree/5d6d22d22b2f697aeba374552a121460ae793d2a/"/README.md):"no minimal compliance, but real data protection
-
_If we talk about personal data, keep in mind that **a lot of data can be linked to individuals**, especially in the field of mobile apps. That's why it is advised to avoid the storage and processing of data where possible_
-
*[ ]_notice that all data on a device might be linkable to a person._ -> data minimisation is key
The definition of a privacy policy implies, but is not limited to:
### Which types of personal data are accessed and why?
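Review bot: the context line that survives this hunk ("The processing of personal data makes it necessary to define a **Privacy Policy** ...") still carries the typos "fullfilled" and "take data protection serious"; since the hunk already reworks this paragraph, change them to "fulfilled" and "take data protection seriously". Dropping the checkbox "data minimisation is key" only works because the italic sentence that remains already says to avoid storage and processing of data where possible; consider naming data minimisation explicitly there, since it is the principle the rest of the section relies on.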
@@ -43,7 +38,6 @@ The definition of a privacy policy implies, but is not limited to:
* Statement on how to access personal saved data as a user
* Statement on how to initiate personal data deletion as a user
* extended information about privacy policies etc. can be found here: \[[https://www.enisa.europa.eu/](https://www.enisa.europa.eu/)\]
-
*[ ]\(hier einfach die basalen Punkte, \(die zeitlos sind\) übernehmen\*
*[ ] make clearer reference to concrete pages
### Is data leaving the main ecosystem?
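Review bot: the checkbox "*[ ] make clearer reference to concrete pages" is kept as a context line while the German TODO next to it is removed, so the published section still carries an editorial note directly under the ENISA link; either resolve it (link the specific ENISA privacy guidance pages rather than the homepage) or remove it in the same hunk. The removed German line translates to "just take over the basic points here (the ones that are timeless)", which is the same intent as the checkbox that stays.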
@@ -54,13 +48,14 @@ Think about on which level your data is processed and transmitted.
* is data leaving the "local boundary"
* is data leaving the "eco system boundary"
* is data leaving the "3rd party boundary"
-
*[ ] explain what that exactly means!
-
For the processing of data, you need a proper contract, that you are entitled to do so. This is bound to a number of duties
+
{% hint style="info" %}
+
For the processing of data, you need a proper contract, that you are entitled to do so. This is bound to a number of duties. \(cf. [Article 28, GDPR](https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3033-1-1)\)_._
+
{% endhint %}
-
*[ ]_\(german ADV\)_\(translation of the term?\)
-
*[ ] which duties exactly?
-
*[ ]_\(processors need to be obliged to data protection principles_
+
{% hint style="success" %}
+
_You can find an_[_template_](https://www.gdd.de/downloads/praxishilfen/Mustervertrag_zur_Auftragsverarbeitung_DS-GVO_english.docx)_at the Society for data protection and data securitys \(GDD\) website._
+
{% endhint %}
### Which data needs which level of protection?
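Review bot: the Article 28 link added in the info hint uses the fragment `#d1e3033-1-1`, and the Art 9 hint later in this file uses the very same fragment, so at least one of the two cannot point at the article it names; check both anchors. In the same added line, "you need a proper contract, that you are entitled to do so" should read "you need a proper contract establishing that you are entitled to do so", and the trailing `_._` is stray markup. In the success hint, "an template" should be "a template" and "data securitys (GDD)" should be "data security's (GDD)". Finally, the removed checkbox "explain what that exactly means!" was attached to the three boundary bullets, which still give no explanation of what "local", "eco system" and "3rd party" boundary mean.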
@@ -73,23 +68,25 @@ Special categories of data are placed under particular protection of the law.
| sensitive data | harmful consequences possible, special risk assessment necessary |
|||
-
*[ ] add legal hint to "Data Protection Level"
-
| Legal Hint: "Data Economy" |
| :--- |
| Access to data \(e.g. PIM, media, etc.\) MUST take place in line with data economy1 according to §3a BDSG. Data MUST NOT be passed on to third parties without an Opt-In from the user. Utilization of the data SHOULD be explained to the user \(why does the application need this access, and what will not function if I do not provide this access?\). |
-
#### Sensitive Data
+
#### Special categories of personal data with stronger limitations
+
+
{% hint style="warning" %}
+
Special categotires of data include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. \([Art 9, GDPR](https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3033-1-1)\)
+
+
These data generally may only be used where the data subject has given explicit consent regarding these very categories of information.
+
{% endhint %}
-
Amongst these are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. These data generally may only be used where the data subject has given explicit consent regarding these very categories of information.
-
*[ ] convert to box?
#### Extent of data used
Where the information on individuals used by the app is particularly comprehensive, exposing their conduct or characteristics, particular attention needs to be paid to the protection of those data.
-
*Is data used that must be deletable on user demand? \(@ULD: which data is affected\)_\(grundsätzlich immer\)_
+
*In general data used must be deletable on user demand
* a routine must be implemented to ensure full deletion of user data on demand
* all saved data from the user must be deletable
* this applies also to data stored in the cloud
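Review bot: the added warning hint misspells "categotires"; it should be "categories". The new bullet "*In general data used must be deletable on user demand" has no space after the asterisk, so it will not render as a list item while the three bullets beneath it do (the deleted line had the same defect). The "Legal Hint" table above still refers to "data economy1" with a footnote marker that has no footnote in this file, and the removed checkbox "add legal hint to 'Data Protection Level'" is dropped without such a hint being added. The Art 9 link also reuses the fragment `#d1e3033-1-1` from the Article 28 link earlier in the file; verify that it resolves to Article 9.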
@@ -101,17 +98,3 @@ Where the information on individuals used by the app is particularly comprehensi
If children or other persons who require particular legal protection are involved, the processing of data might be more restricted than otherwise.
{% endhint %}
-
## Risk Assessment
-
-
*[comment](https://github.com/AppPETs/developer-guidelines/tree/5d6d22d22b2f697aeba374552a121460ae793d2a/"/README.md):"to be discussed"
-
* cf. risk management in section "Design Phase"
-
*[ ] which generic parts of RA can be put in Introduction.md / Foundations.md and which special part might be relevant for the specific phases
-
*[ ] the criteria mentioned above are a good basis for the risk assessment, which shoule be revisited after every step in the development lifecycle
-
*[ ] what means risk here for the developer? [comment](https://github.com/AppPETs/developer-guidelines/tree/5d6d22d22b2f697aeba374552a121460ae793d2a/"/README.md):"risk to endanger privacy of clients"
-
* all processed data needs to be analysed to specify a risk level of potential malicious use of the data
-
* based on these risk levels special protection routines need to be applied \(refer to standardized risk-levels\)
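Review bot: deleting the whole "Risk Assessment" section drops, together with the checkboxes, two substantive requirements ("all processed data needs to be analysed to specify a risk level of potential malicious use of the data" and "based on these risk levels special protection routines need to be applied") and the cross-reference "cf. risk management in section 'Design Phase'". If risk assessment is meant to live in the Design Phase chapter, keep a one-line pointer here, because the removed note itself says the criteria in this section are the basis for a risk assessment that should be revisited after every lifecycle step. The removed comment also answers the open question of what risk means for the developer ("risk to endanger privacy of clients"); that definition is worth carrying over rather than losing with the TODOs.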