{"id":20571589,"url":"https://github.com/circl/compliance","last_synced_at":"2026-03-07T08:01:57.337Z","repository":{"id":139220979,"uuid":"129053666","full_name":"CIRCL/compliance","owner":"CIRCL","description":"Legal, procedural and policies document templates for operating an IRT","archived":false,"fork":false,"pushed_at":"2024-03-15T06:15:29.000Z","size":2498,"stargazers_count":64,"open_issues_count":1,"forks_count":13,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-02-25T22:47:38.337Z","etag":null,"topics":["csirt-activities","gdpr","incident-response","legal","privacy","privacy-notice"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CIRCL.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2018-04-11T07:34:04.000Z","updated_at":"2025-01-27T22:46:54.000Z","dependencies_parsed_at":"2023-07-31T07:45:22.710Z","dependency_job_id":null,"html_url":"https://github.com/CIRCL/compliance","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fcompliance","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fcompliance/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fcompliance/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CIRCL%2Fcompliance/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CIRCL","download_url":"https://codeload.github.com/CIRCL/compliance/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242187807,"owners_count":20086224,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csirt-activities","gdpr","incident-response","legal","privacy","privacy-notice"],"created_at":"2024-11-16T05:16:38.834Z","updated_at":"2026-03-07T08:01:52.306Z","avatar_url":"https://github.com/CIRCL.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# legal compliance and CSIRT activities\n\nThis repository contains information and materials to support CSIRT activities and especially regarding legal compliance.\n\n## GDPR and privacy-related activities for CSIRTs\n\n- [JSON Schema for GDPR records of processing activities](https://github.com/CIRCL/compliance/blob/master/gdpr/json-schema/processing-activities-records-schema.json)\n- [Processing activity - an example with PGP Keyserver service](https://github.com/CIRCL/compliance/blob/master/gdpr/json-schema/processing-activities-records-example.json)\n\n### Slides\n\n- [Slides - CSIRT and GDPR workshop 7th May 2018](gdpr/workshop-materials/)\n\n### FAQ\n\n- [General FAQ](gdpr/workshop-materials/FAQ.md)\n\n### Privacy notices for CSIRT services\n\n- [Privacy notice for OpenPGP keyserver](gdpr/notice-template/privacy_notice_openpgpkeyserver.md)\n- [Generic Privacy notice - CIRCL](https://www.circl.lu/privacy/) - [privacy notice in Markdown format](gdpr/notice-template/privacy.md) reusable under the terms of the Creative Common Attribution 4.0 International (CC BY 4.0) license.\n\n### Additional documents\n\n#### MISP and information sharing\n\n- [MISP - Information sharing and cooperation enabled by GDPR](https://www.misp-project.org/compliance/GDPR/)\n- [MISP - How MISP enables stakeholders identified by the NISD to perform key activities](https://www.misp-project.org/compliance/NISD/)\n\n#### Analysis Information Leak framework (AIL) and MISP\n\n- [AIL information leaks analysis and the GDPR in the context of collection, analysis and sharing information leaks](./gdpr/articles/information-leaks-analysis-and-gdpr.md) - [PDF version](https://www.circl.lu/assets/files/information-leaks-analysis-and-gdpr.pdf)\n\n\n## CSIRT tooling\n\n- [CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools](https://github.com/CIRCL/compliance/blob/master/csirt-tooling-best-practices/index.md)\n\n## Acknowledgement\n\nThis work is co-financed by the European Union under the CEF grant 2016-LU-IA-0098 and [CIRCL](https://www.circl.lu/). Thanks to all the contributors who helped by providing feedback, issues and documents.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcircl%2Fcompliance","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcircl%2Fcompliance","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcircl%2Fcompliance/lists"}