After a lot of googling, searching forums and reading articles, tackling the GDPR requirements in a Glide app is still none the clearer.
Of course, this is a mandatory requirement for everyone in Europe (and those with any European users) and must be addressed when making an app aimed at a public audience.
I have seen a lot of discussion (most of it in 2020) with people worrying about how to comply. Of course, if it’s impossible perhaps glide isn’t the software for you. But there are many successful apps out there who have navigated this requirement.
To make things easier for newcomers, I propose that app developers here share THEIR steps to make their apps GDPR compliant. Of course, every app is different and this won’t be a rule book any app can follow, but I feel we can all learn from each others ideas in order to protect our users data and avoid a big fine. Big thanks to Glide for implementing a required checkbox for privacy policies on sign up….but is this enough? What else have we all done? Front-end and back-end…?
Looking forward to hearing your suggestions and solutions. I know many here are desperate to make sure they are doing everything correct, and would appreciate some successful app developers thoughts on the matter.
Here are some related parts from Glide’s website.
Personally I don’t work much with EU clients but European experts like @V88 @Oscar_V88 @Aymeric_de_Maussion @VVerhille @nathanaelb @Marc-Olivier may have something to say about this.
My personal view is that GDPR is a bunch of baloney, no company is doing everything correctly and therefore no company in the
EU world is GDPR compliant. They might think they are, but they are not.
The best a company can do is be on a journey towards GDPR compliance, somewhere on the scale of compliance, and show good intentions. If a company can show it has good intentions and has done all it can do, then that should be good enough to be considered compliant. This is the current status of most companies in the EU.
Disagree. Many companies have strict policies in place to comply and ensure all staff are trained and well informed.
I’m just curious. How hard would it be for them to use a Glide solution? What things would have to be done technically from a builder’s perspective to make sure you comply with the policies?
GDPR mainly protects users from 3rd parties storing and/or using their personal data without their permission. Therefore, if you have their explicit permission to store and do whatever you intend to do with their data then you can do just about anything with Glide.
That said, I see one of the biggest hurdles will be the likelihood that all data is stored outside of the EU.
My understanding is the DPA (Data Processing Agreement) references the SCC’s (Standard Contractual Clauses) for either the EU or UK in order to ensure compliance. Section 6 of the DPA covers a lot of this