Privado
Privado is an open source static code analysis tool to discover data flows in the code. It detects the personal data being processed and maps the journey of that data from the point of collection to interesting sinks such as third parties, databases, logs, and internal APIs.
Privacy Engineers
Data Protection Engineers
Data Governance Engineers
Security Engineers
Mobile App Developers
Developers
Privado lets an engineer ask contextual questions on usage of sensitive data at scale
Generate and maintain Data map and Record of Processing Activity Reports (Article-30 Reports)
Automate the generation of the data-flow diagrams
Identify and remove data leaks
Improve data storage security by identifying and fixing insecure practices
Finding and fixing unaccounted third-party sharing of data
Establish and enforce Data Protection and Governance policies
Generate Android Data Safety Report
Incorporate various GDPR, CCPA, SOC, ISO, HIPAA, PCI controls
Do continuous monitoring for privacy and data issues
Implement Privacy by Design
Privado can be run locally on your computer or in your CI/CD pipeline. During the scanning process, Privado creates a knowledge graph of personal data flows. You never have to worry about your code leaving your machine since the scan is local. An output file is stored in JSON format. The results can be viewed on Privado Cloud Dashboard.
Upon scanning a repository, Privado discovers the following information in the code and presents it in a dashboard for your review:
Data Elements
Data Flow Diagrams
Data Inventory
Code Analysis
Issues
Apart from getting a comprehensive outlook of your data practices for Privacy Audits, you can also use the tool to generate various privacy reports to comply with privacy laws like GDPR and CCPA.
Our free cloud platform can be used to generate RoPA reports for a single repository or for a combination of repositories added to the platform. Check out how to create a RoPA report for your repository.
Data Safety Report is a privacy form that is needed to publish any Android app on the Play Store. Currently, to fill out the data safety form, developers have to ask around in the team to find what data they are collecting, spend hours reading the documentation of SDKs to find what data is shared, and navigate the complex Play Store form. With our scan, we pre-fill the data types collected and shared, and our wizard guides you through generating the data safety report.
We support Java in GA and Python in alpha. Our Enterprise offering covers all programming languages, and we're working on adding support for more languages to OSS. Support for JS/TS is coming soon!
If you love this project and would like to contribute, please check out our contribution page.