My first question here and it's related to GDPR with GCP. Even though I have found some useful information from the Community, I still couldn't find any confirmative information.
I live in Europe and I'm afraid my application using GCP - including Firebase and App Engine - might need some additional configuration due to GDPR. Do you guys know any reference or articles that mention - or even applications - that confirms that using these applications won't need any further configuration regarding GDPR compliance?
Thanks in advance guys!
There are two major areas to GDPR:
Google Cloud is GDPR compliant provided you implement/deploy Google Cloud services correctly.
Your applications and their management of data are not GDPR compliant just because GCP is compliant. You must implement policies and procedures to attain GDPR compliance and maintain compliance.
Compliance with the various standards and requirements is very complicated and challenging. This cannot be answered in the space that Stack Overflow supports. There are substantial books written on these topics.
An example reference is:
The EU General Data Protection Regulation (GDPR): A Practical Guide
Do you guys know any reference or articles that mention - or even applications - that confirms that using these applications won't need any further configuration regarding GDPR compliance?
Compliance is not a software program that tests your application. It is a set of guidelines and requirements that must be reviewed/verified. As I mentioned this is a substantial amount of work to claim compliance.
If you are looking for a quick guide to GDPR look at this book. This is suitable for getting started, but in no way covers everything you need to know.
GDPR - Fix it Fast: Apply GDPR to Your Company in 10 Simple Steps