GitPedia

Gdpr tracker

A crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors

From privacyradius·Updated June 16, 2026·View on GitHub·

[ComplianceRank](https://compliancerank.com/) is a crowdsourced directory that makes it easier for companies and consumers to keep track of the data handling practices of their subcontractors and cloud services in real-time. The project is written primarily in JavaScript, distributed under the MIT License license, first published in 2018. Key topics include: audit, certificates, certification, cloud, cloud-service.

ComplianceRank (formerly GDPR Tracker)

<img src="https://github.com/privacyradius/gdpr-tracker/blob/master/images/screenshot.png">

ComplianceRank is a crowdsourced directory that makes it easier for companies and consumers to keep track of the data handling practices of their subcontractors and cloud services in real-time.

This repository holds all the services displayed in the directory. We strongly believe that data handling practices should be easily available to business & customers.

How to add a service?

You can add a service by following the contribution guidelines.

Format

We use JSON Schema to validate the data and to maintain a high level of data quality. Please find the schema at the following location.

FieldTypeFormatRequiredOptionsDescription
idstring*Unique id to identify the company
namestring*Name of the company
descriptionstring*Description of the service
websitestringurl*Website of the service
applicationUrlstringurl*Application of the service
categoriesarray*Categories that the service belongs to
iconUrlstringurl*URL to the icon of the service (recommended size 400x400px). Must be HTTPS
countryHQstringISO ALPHA-2 code*Country of HQ
gdprReadyStatusenum*unknown<br> inProgress<br> ready<br> nonCompliantGDPR readiness status of this service
privacyUrlstringurlLink to privacy policy
dsarUrlstringurlData Subject Access Rights Form URL
dpaUrlstringurlData Processing Agreement URL
subprocessorsUrlstringurlSubprocessors overview URL
dataCentersarrayLocations where data is hosted
hostingProvidersarrayHosting providers
contactsarrayAppointed DPOs or privacy officers per region, we only support 3 types DPO, Privacy Officer, Other
certificationsenum- ISO 27001<br> - ISO 27002<br> - ISO 27017<br> - ISO 27018<br> - C5<br> - PCI DSS Level 1<br> - PCI DSS Level 3.1<br> - PCI DSS Level 3.2<br> - PCI DSS Level 4.0<br> - SOC 1<br> - SOC 2 Type I<br> - SOC 2 Type II<br> - SOC 3<br> - HIPAA<br> - HITECH<br> - RESO<br> - ISAE 3000<br> - EU-U.S. Privacy Shield<br> - Swiss-U.S. Privacy Shield<br> - CSA<br> - OpenID<br> - TRUSTe Enterprise Privacy Certification<br> - SOXCertifications
dataBreachesarrayReported data breaches
articlesarrayGDPR & privacy related articles
bugBountyProgramUrlstringurlLink to bug bounty program
statusUrlstringurlLink to status page
statusTwitterstringTwitter account that communicates about service status & uptime
businessModelarray- B2B<br>- B2C<br>- B2B2CBusiness model
verifiedbooleanVerified by company representative

Example

{
  "id": "acme",
  "name": "Acme",
  "description": "CRM & Customer platform for SMBs",
  "categories": [
    "CRM", 
    "Customer Support"
  ],
  "iconUrl": "https://pbs.twimg.com/profile_images/922908923207839744/5EZID3tH_400x400.jpg",
  "website": "https://www.acmesaas.com",
  "applicationUrl": "https://app.acmesaas.com",    
  "twitter": "acme",
  "countryHQ": "US",
  "gdprReadyStatus": "inProgress",
  "privacyUrl": "https://www.acmesaas.com/privacy",
  "dsarUrl": "https://bs.gdprform.io",
  "dpaUrl": "https://www.acmesaas.com/dpa",
  "subprocessorsUrl": "https://www.acmesaas.com/subprocessors",
  "dataCenters": [
    "EU"
  ],
  "hostingProviders": [
    "AWS", 
    "Digital Ocean"
  ],
  "contacts": [
    {
      "type": "DPO",
      "name": "John Doe",
      "email": "john@dpo.com",
      "region": "EU"
    }, 
    {
      "type": "DPO",
      "name": "Tim Doe",
      "email": "tim@dpo.com",
      "region": "US"
    }
  ],
  "certifications": [
    "ISO 27001", 
    "HIPAA"
  ],
  "dataBreaches": [
    {
      "date": "10/12/2017",
      "url": "https://www.beatswtich.com/breach"
    }
  ],
  "articles": [
    {
      "date": "02/12/2018",
      "url": "https://www.beatswtich.com/gdpr"
    }
  ],
  "bugBountyProgramUrl": "https://www.beatswtich.com/bounty-program",
  "statusUrl": "https://www.beatswtich.com/status",
  "statusTwitter": "beatswitchstatus",
  "securityUrl": "https://www.beatswtich.com/security",
  "businessModel": ["B2C"]
  "verified": true
}

Removal

If you want your service to be removed from the tracker, send in a pull request with the reason stated.

License

MIT License. Please see the license file for more information.

About

Made in Belgium 🇧🇪 Europe 🇪🇺

The GDPR Tracker is created by Privacy Radius. Privacy Radius is a European provider of AI-powered data and privacy solutions to help companies create trusted environments to protect consumers' privacy and data rights.

Disclaimer

We do our best to ensure that the data we provide is complete, accurate and useful. However, because we do not verify all the data, and because the processing required to make the data useful is complex, we cannot be liable for omissions or inaccuracies.

Contributors

Showing top 12 contributors by commit count.

Gdewilde

Gdewilde

217 commits

johandekeulenaer

johandekeulenaer

26 commits

TallGuysFreeADMIN

TallGuysFreeADMIN

13 commits

gdpr-tracker-bot

gdpr-tracker-bot

6 commits

willem-delbare

willem-delbare

4 commits

driesvints

driesvints

2 commits

evrardts

evrardts

2 commits

gpjt

gpjt

2 commits

jonathanbull

jonathanbull

2 commits

philiphacks

philiphacks

2 commits

michieldewilde

michieldewilde

2 commits

adrianmejias

adrianmejias

1 commits

View all contributors on GitHub →

This article is auto-generated from privacyradius/gdpr-tracker via the GitHub API.Last fetched: 6/25/2026