{"id":4725,"date":"2018-06-11T09:00:42","date_gmt":"2018-06-11T09:00:42","guid":{"rendered":"https:\/\/yeeply.com\/en\/blog\/?p=4725"},"modified":"2021-04-23T13:24:34","modified_gmt":"2021-04-23T11:24:34","slug":"gdpr-mobile-apps","status":"publish","type":"post","link":"https:\/\/yeeply.com\/en\/blog\/mobile-app-development\/gdpr-mobile-apps\/","title":{"rendered":"GDPR for mobile apps: 5 steps to meet the new regulation"},"content":{"rendered":"

Since May 2018, the <\/span>General Data Protection Regulation<\/b> for the European Union has been introduced. This means the GDPR for mobile apps is also affected by the new law. That\u2019s why not only app users but also app providers start to won<\/span>der what this really means and how the changes can affect them regarding <\/span>data protection<\/b>. In this article, we will explain what <\/span>GDPR<\/b> means and how your app can comply with the new requirements. Let\u2019s start with explaining the regulation.<\/span><\/p>\n

WANT TO CREATE AN APP? TELL US ABOUT YOUR PROJECT!<\/a><\/div>\n

What is GDPR?\u00a0<\/b><\/h2>\n

The General Data Protection Regulation (GDPR) is the latest European regulation concerning <\/span>personal data protection<\/b>. With the endless increase of <\/span>internet and app usage<\/b>, our personal data is shared to the point that we don\u2019t even know who has access to it anymore. Names, email addresses, phone numbers, IP addresses and much more are out in the wild. Users provide them but the <\/span>usage of these data is rarely transparent<\/b>. <\/span><\/p>\n

For example, the <\/span>Cambridge Analytica<\/b> scandal demonstrated that personal information can be tapped to create targeted online ads. Personal data was used to profile voters in the US thanks to a personality-quiz app dating back from 2014.<\/span><\/p>\n

The GDPR essentially gives <\/span>more control to the users over their data<\/b>. The main takeaways are a <\/span>new transparency framework, a new compliance journey, and punishment regime<\/b>. To comply with the GDPR is, therefore, the norm. So what does<\/span> the GDPR for mobile app<\/span>s mean for already existing and new applications?<\/span><\/p>\n

\"GDPR
Image by\u00a0<\/span>Dennis Van Der Heyden<\/span><\/a> via <\/span>Flickr<\/span><\/a><\/figcaption><\/figure>\n

GDPR for mobile apps: <\/b>how to comply?<\/b><\/h2>\n

You understood correctly, the GDPR is about <\/span>data protection<\/b>. The new rules must be taken into account at every step of the development of your app. Whether you are choosing a business model or determining your mobile app design<\/a>, you must bear in mind the way you will <\/span>handle data and inform your users<\/b>.<\/span><\/p>\n

    \n
  1. \n

    Data mapping<\/span><\/h3>\n<\/li>\n<\/ol>\n

    The first thing to do is to map the transfers of data. You need to know where in your app you will receive data from your users. Where do you get it from? And where does it go to? You need to keep in mind that you will have to <\/span>explain to your users why you collect their data<\/b>.<\/span><\/p>\n

      \n
    1. \n

      Security <\/span><\/h3>\n<\/li>\n<\/ol>\n

      The security of your app was already a prerequisite before the GDPR. The data collected via your mobile app, despite its nature, must absolutely be secured. Depending on the type of data collected you may even need to do a <\/span>Data Protection Impact Assessment <\/b>(DPIA). However, this will probably not affect many mobile apps as a DPIA is only mandatory in case there seems to be a <\/span>high risk to the rights of the user<\/b>. It is vital to ensure the app complies with the GDPR requirements and to identify any weakness that will necessitate <\/span>advanced protection<\/b>.<\/span><\/p>\n

      \"Ebook<\/a><\/p>\n

        \n
      1. \n

        Privacy by design\u00a0<\/span><\/h3>\n<\/li>\n<\/ol>\n

        Similarly to the days before the GDPR, your users will have to agree to the app\u2019s <\/span>Terms & Conditions<\/b>. Although they are supposed to read the whole document, we know very well that only a few ever will. At this stage, make sure your app\u2019s Terms & Conditions align with the <\/span>current GDPR legislation<\/b>. Obviously, the same applies to the <\/span>Privacy Policy<\/b>, but you will now have to explain:<\/span><\/p>\n