Skip to content
/ cpn-pdr-api Public

An API that generates and sends the personal data receipts to the data-subjects.

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

CDECatapult/cpn-pdr-api

BranchesTags

Repository files navigation

CircleCI Known Vulnerabilities

Personal data receipt API

This is a micro-service responsible of sending personal data receipts to data-subjects.

Request

It expects a POST http request with a JSON input in the following format:

{
  "trigger": "PROFILE_UPDATE", // enum { PROFILE_UPDATE | MANUAL_REQUEST | REGISTRATION }, mandatory

  "cpn_user_id": "5b222556f8ac34000a1d1562", // string (base64), mandatory

  "cpn_registered_email": "[email protected]", // string (email) required

  "user_name": "Anthony Garcia", // string or null (if the user didn't fill the profile section)

  "given_personal_data": [
    // description of what the user entered   justification for the platform to ask for those informations

    { "description": "Email address", "purpose": "To contact the user" },
    {
      "description": "Name",
      "purpose": "Address the user in a more friendly/ personal way"
    },
    {
      "description": "Twitter handle",
      "purpose": "Get further insight on user preferences",
      "shared_with": ["TruthNest"]
    } // The shared key is only present for the data that are shared with 3rd-party
  ],

  "consents": [
    // description of what the user consented to   justification for the platform to collect them
    {
      "description": "Processing of user's location data",
      "purpose": "To recommend content based on user location"
    },
    {
      "description": "Processing of user's time usage data",
      "purpose": "To recommend content based on last user connection"
    },
    {
      "description": "Processing of user's preferences data",
      "purpose": "To generate personalised content"
    }
  ]
}

Response

The service will always reply with a valid JSON. The format is either:

Configuration

The micro-service can be configured using environment variables. All of the variables listed below must be passed when the service run:

Name Type Example Description
BLOCKCHAIN_API_URL url http://localhost:3042 The url of the blockchain API
BLOCKCHAIN_API_KEY string RyKbvJqVphx8L6jLA6WFphYd6HFmzDxv The API key to send to the blockchain API
MAILGUN_API_KEY string 94b00921dfa91f2fc1573196c71e373d-47217ca8-837a15ba See
MAILGUN_DOMAIN host projectcpn.eu The domain configured in Mailgun
MAIL_FROM string Postmaster [email protected] Email address for From header

Additionally, it is possible to change the behaviour of the service by using those variables:

Name Type Default value Description
LOG_LEVEL string info One of pino/winston log levels
MAILGUN_API_URL url https://api.mailgun.net/v3 Base url of the Mailgun API
MAIL_SUBJECT string Your personal data receipt The subject of the email
THEME_PRIMARY_COLOR color #BE005A The main colour used in the email
THEME_ACCENT_COLOR color #FF3C7D The accent colour used in the email
GDPR_EMAIL email none Email address for the GDPR mailbox, shown in the footer

About

An API that generates and sends the personal data receipts to the data-subjects.

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases 3

Add GDPR email variable Latest
Jun 12, 2020
2 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages