<!DOCTYPE html>
<html class="en-GB">
<head>
  <title>GDPR in your Rails app</title>
<meta name="description" content="Get the basics to be GDPR-compliant done in your Rails app." />

<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="YnFqMgTPRf3qHuB5XI63kVWhmH5vazPLQAkuDvOvM3alS8zhcYFf2Fbl8DzCaMsYLU4m2Bc9haqjw9QeHdVy1g==" />

<script src="https://js.stripe.com/v3/"></script>
<meta property="og:site_name" content="Sjabloon">
<meta property="og:title" content="GDPR in your Rails app" />
<meta property="og:description" content="Get the basics to be GDPR-compliant done in your Rails app.">
<meta property="og:type" content="website" />
<meta property="og:url" content="https://www.getsjabloon.com/features/gdpr" />
<meta property="og:image" content="https://www.getsjabloon.com/packs/media/images/social-483fb4efa20beb2655befb29d65850d1.jpg"></meta>

<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@ntscHQ">
<meta name="twitter:domain" value="getsjabloon.com" />
<meta name="twitter:title" value="GDPR in your Rails app" />
<meta name="twitter:description" value="Get the basics to be GDPR-compliant done in your Rails app." />
<meta property="twitter:image" content="https://www.getsjabloon.com/packs/media/images/social-483fb4efa20beb2655befb29d65850d1.jpg"></meta>
<meta name="twitter:url" value="https://www.getsjabloon.com/features/gdpr" />

<meta property="og:logo" content="https://www.getsjabloon.com/logo.jpg" />


<script src="/packs/js/application-52108bb48a94ea445faf.js" data-turbolinks-track="reload"></script>
<link rel="stylesheet" media="screen" href="/packs/css/application-49f7a508.css" data-turbolinks-track="reload" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="google-site-verification" content="6ZvJ4u5D3MhqQhHVjdjAzRUq66Za_Xez7zSLX7tJ-E0" />

</head>

<body class="">
  <div class="site-announcement" data-controller="site-announcements" data-target="site-announcements.banner" data-site-announcements-id="37" data-site-announcements-site-name="sjabloon">
  <span class="site-announcement__badge site-announcement__badge--#{last_announcement.announcement_type}">
    news
  </span>

  <a class="site-announcement__title" href="https://railsdesigner.com/">Professionally designed UI components to build your next Ruby on Rails app even faster</a>

  <a class="site-announcement__action" href="https://railsdesigner.com/">Check it out</a>

  <button class="site-announcement__close" data-action="click->site-announcements#dismiss">
    <svg viewbox="0 0 20 20" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" class="site-announcement__close-icon"> <g id="Page-1" stroke="none" stroke-width="1" fill-rule="evenodd"> <g id="icon-shape"> <polygon id="Combined-Shape" points="10 8.58578644 2.92893219 1.51471863 1.51471863 2.92893219 8.58578644 10 1.51471863 17.0710678 2.92893219 18.4852814 10 11.4142136 17.0710678 18.4852814 18.4852814 17.0710678 11.4142136 10 18.4852814 2.92893219 17.0710678 1.51471863 10 8.58578644"></polygon> </g> </g> </svg>

  </button>
</div>






  <nav class="justify-between text-sm leading-tight nav" data-controller="navigation" data-target="navigation.component" data-action="scroll@window->navigation#onScroll">
  <a class="inline-flex" href="/">
    <svg width="30" height="30" viewBox="0 0 200 200" xmlns="http://www.w3.org/2000/svg"><title>logo</title><defs><linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="a"><stop stop-color="#00CAFF" offset="0%"/><stop stop-color="#009AFF" offset="100%"/></linearGradient></defs><g fill="none" fill-rule="evenodd"><circle fill="url(#a)" cx="100" cy="100" r="100"/><path d="M126.412 145.011v16.379H72.565v-16.379H46L83.558 39h35.136l37.356 106.011h-29.638zm-7.464-24.006L102.54 64.847l-16.267 56.158h32.676z" fill="#FFF"/></g></svg>
</a>
  <div class="nav__items"  data-target="navigation.items">
      <a class="nav__item nav__link" href="/login">log in</a>
  </div>

  <span role="link" class="navigation__item navigation__toggle" data-target="navigation.toggle" data-action="click->navigation#toggle">menu</span>
</nav>




<div class="overflow-hidden hero">
  <div class="container hero__content">
    <span class="feature-hero__tag">Feature</span>
    <h1 class="feature-hero__heading">
      GDPR in your Rails app
    </h1>

    <p class="feature-hero__intro">
      GDPR is is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas. As creators/owners of web applications it’s your responsibility to be careful with your user’s data. As a default you should strive to obtain as little data of your users as possible. Sjabloon helps you with a few of these things.
    </p>
  </div>

  <div class="bg-no-repeat bg-cover shadow-lg chrome-wrapper" style="background-image: url(https://www.getsjabloon.com/packs/media/images/features/gdpr-3a67bd083217f2b409d639000e4ac233.jpg); width: 100%; max-width: 120rem; height: 30rem"></div>
</div>

<div class="max-w-xl mx-auto mt-16">
  <h2 class="mt-6 mb-1 text-xl font-bold">Filter parameter logging</h2>
  <p class="">Rails built-in Filter Parameter Logging replaces sensitive parameter data from the request log. Sjabloon adds a few common parameters for you (only in production).</p>

  <h2 class="mt-6 mt-8 mb-1 text-xl font-bold">Ask and track user consent (only when adding authentication)</h2>
  <div class="">
    <p class="">When a visitor creates an account on your app, they are prompted to give their consent for each policy (eg. privacy policy, terms of service, etc.) you add. This consent is then set for this user (in a Consent model). Whenever you make changes to any of these policies you need to ask the consent of your users again. With Sjabloon you can create and update different policies with ease and when your user visits your site, they get prompted to read and accept your new policies. Sjabloon comes also with a helper that checks if consent is given (which you can check against in your app, eg. controller, helper, service object, etc.). The modal that’s shown to user is easily customisable.</p>
  </div>

  <h2 class="mt-6 mt-8 mb-1 text-xl font-bold">Cookie notification for page analytics and other third-party services</h2>
  <div class="">
    <p class="">When a Cookie Policy is available a small modal at the bottom of the page will show, notifying your visitors about the fact you use cookies. They can click to see your Cookie Policy and accept it. The design of the modal can also easily be modified. </p>
  </div>

  <h2 class="mt-6 mt-8 mb-1 text-xl font-bold">Anonymise IP addresses for Google Analytics</h2>
  <div class="">
    <p class="">Sjabloon gives you a one-click option to install multiple page analytics tool like Google Analytics, Clicky and Simple Analytics. Both Clicky and Simple Analytics do not collect, but anonymise IP addresses by default, but Google Analytics does collect IP addresses. Sjabloon sets the <code>anonymize_ip</code> option to true by default.</p>
  </div>

  <h2 class="mt-6 mt-8 mb-1 text-xl font-bold">Other things to think about</h2>
  <p>No app is alike and as such it’s impossible to provide full coverage for GDPR out-of-the-box with Sjabloon. Things you might need to look into, dependending on your app:</p>

  <ul class="mt-8 list-disc">
    <li>user data export option;</li>
    <li>full removal of user data (from your database ánd backups);</li>
    <li>write your own terms of service, privacy policy and cookies service.</li>
  </ul>
</div>



  <footer class="footer-wrapper">
  </footer>


  <script async defer data-domain="getsjabloon.com" src="https://plausible.io/js/plausible.js"></script>



</body>
</html>