Best Practices - actonline/privacy GitHub Wiki
Here are some tips for small teams building apps. It only takes a small amount of effort to make a big difference in how your app handles privacy.
Storing data
Treat any personally identifiable information with the same respect you would give your own credit card:
- Only store what you need.
- Store it in as few places as possible (but still maintain good backups).
- Never transmit data unencrypted.
Working with third parties
- Evaluate the privacy policies of each third party you work with.
- Create data walls so contractors and partners only have access to the date they absolutely need to have access to.
- Create a recurring appointment to re-evaluate your practices and partner policies regurarly.
- Educate your co-works about privacy best practices
Think about privacy from the user's point of view
- Create personas for the different users of your app (child, teacher, parent, ...)
- Prepare answers to privacy related questions that may come up.
- Be proactive about telling people about privacy.