Best Practices - actonline/privacy GitHub Wiki

Here are some tips for small teams building apps. It only takes a small amount of effort to make a big difference in how your app handles privacy.

Storing data

Treat any personally identifiable information with the same respect you would give your own credit card:

• Only store what you need.
• Store it in as few places as possible (but still maintain good backups).
• Never transmit data unencrypted.

Working with third parties

• Evaluate the privacy policies of each third party you work with.
• Create data walls so contractors and partners only have access to the date they absolutely need to have access to.
• Create a recurring appointment to re-evaluate your practices and partner policies regurarly.
• Educate your co-works about privacy best practices

Think about privacy from the user's point of view

• Create personas for the different users of your app (child, teacher, parent, ...)
• Prepare answers to privacy related questions that may come up.
• Be proactive about telling people about privacy.