django-GDPR-assist

Tools to help manage your users' data in the age of GDPR

https://github.com/wildfish/django-gdpr-assist

Features

• Find, export and anonymise personal data to comply with GDPR requests
• Track anonymisation and deletion of personal data to replay after restoring backups
• Anonymise all models to sanitise working copies of a production database

Supports Django 2.2 to 4.0, on Python 3.6 to 3.10.

See the full documentation for details of how GDPR-assist works; in particular:

• Installation - how to install
• Usage - overview of how to use it with your project
• Upgrading - what has changed from previous versions and how to upgrade
• Contributing - how to contribute to the project

Quickstart

Install with pip install django-gdpr-assist, add gdpr_assist to Django's INSTALLED_APPS and add a gdpr_log definition to DATABASES.

Then start adding privacy metadata to your models:

class Comment(models.Model):
    name = models.CharField(max_length=255, blank=True)
    age = models.IntegerField(null=True, blank=True)
    message = models.TextField()

    class PrivacyMeta:
        fields = ['name', 'age']
        search_fields = ['name']
        export_fields = ['name', 'age', 'message']

This will allow you to anonymise and export data in this model using the standard gdpr-assist admin tool. You can also configure anonymisation or deletion of a related model to trigger anonymisation of your model, and can manually register a PrivacyMeta for third-party models without modifying their code.

Anonymisation and deletion events for models registered with gdpr-assist are logged for replay after a backup restoration with the gdpr_rerun management command. When you need to work with a copy of the production data, there is also the anonymise_db command, which will anonymise the whole database.