We developed a technology that allows you to use Bubble in a GDPR-compliant way.
The technology stores everything encrypted in bubble.io database but shows it unencrypted to the user. The encryption key is stored in the EU and all unencrypting and encrypting of data is also done in the EU.
Also, sending of emails is done using an API. Emails are encrypted by default and other data is encrypted if you put [gdpr]name[/gdpr] around it. Searching for emails/names will work by calling the API, encrypting the data and then using that to search.
We are thinking of releasing this as a plugin ($100 setup fee) and $50 a month (annual contract) or $75 (monthly contract).
Because it’s very expensive to make this available we are searching for at least 25 launch clients before we release this. Is anyone interested?
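Added example, not part of the thread and not the plugin's code: a Node.js sketch of the [gdpr]…[/gdpr] tagging and search-by-encrypting flow described in the post above. The demo keys, the `{enc:…}` token format and the HMAC-derived IV are assumptions made for illustration; a vetted deterministic mode such as AES-SIV would normally take the place of the hand-built construction.

```javascript
// Added illustration; function names, keys and token format are assumptions.
const crypto = require("node:crypto");

// Constructed demo keys; in the described design they would stay on the EU-hosted service.
const ENC_KEY = crypto.createHash("sha256").update("demo-enc-key").digest();
const IV_KEY = crypto.createHash("sha256").update("demo-iv-key").digest();

// Deterministic encryption: the IV is an HMAC of the plaintext, so the same
// value always produces the same token and can be matched by equality.
function encryptField(plain) {
  const iv = crypto.createHmac("sha256", IV_KEY).update(plain, "utf8").digest().subarray(0, 12);
  const c = crypto.createCipheriv("aes-256-gcm", ENC_KEY, iv);
  const ct = Buffer.concat([c.update(plain, "utf8"), c.final()]);
  return "{enc:" + Buffer.concat([iv, c.getAuthTag(), ct]).toString("base64url") + "}";
}

// Token layout: 12-byte IV, 16-byte GCM tag, ciphertext. Throws if the token was altered.
function decryptField(token) {
  const raw = Buffer.from(token.slice(5, -1), "base64url");
  const d = crypto.createDecipheriv("aes-256-gcm", ENC_KEY, raw.subarray(0, 12));
  d.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString("utf8");
}

// Replace every [gdpr]...[/gdpr] span with a token before the text is stored.
function protect(text) {
  return text.replace(/\[gdpr\]([\s\S]*?)\[\/gdpr\]/g, (_, v) => encryptField(v));
}

// Turn tokens back into plaintext for display to the user.
function reveal(text) {
  return text.replace(/\{enc:[A-Za-z0-9_-]+\}/g, (t) => decryptField(t));
}

// Search: encrypt the query the same way and compare tokens, so the
// plaintext query never has to reach the data store.
function search(rows, query) {
  const needle = encryptField(query);
  return rows.filter((r) => r.includes(needle));
}
```

Because the tokens are deterministic, equal values are visibly equal in the stored data, and only exact matches can be searched (a query for part of a name finds nothing).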
Would this work for an encrypted chat messaging service? Or will it take too long to encrypt and decrypt the messages each time? How quick is the encryption/decryption process? Let me know.
Sounds interesting. I would be interested in testing it out to see if I could recommend it to my clients. Or if we could see it in action, that would be great too.
Sounds very interesting. Don’t write it off yet. A lot of people don’t spend their day in a Bubble forum. It needs time to grow interest.
I’m working on developing a solution that requires extensive GDPR compliance and encryption of all data… And preferably keeping all data in the EU.
Can you release some more descriptive information on the plugin and perhaps some demo thingy we can take a look at?
How I implemented it is that I proxy the XHR of the Bubble client side. I encrypt everything sent to Bubble (by calling a different service), and then I decrypt it again. To make this work and conform to GDPR, this had to be moved server-side, but that will require a lot of development effort (like two months full time), and maybe in a month or 2 a new GDPR deal will be made with the US (so I don’t think it’s worth it).