https://github.com/subrose/thorn

🌹 Thorn is an open-source, data privacy vault to store and manage PII in a fully compliant manner.
https://github.com/subrose/thorn

ccpa data-privacy encryption gdpr hipaa pci pci-dss privacy privacy-by-default privacy-by-design privacy-engineering security subrose

Last synced: 3 months ago
JSON representation

🌹 Thorn is an open-source, data privacy vault to store and manage PII in a fully compliant manner.

• Host: GitHub
• URL: https://github.com/subrose/thorn
• Owner: subrose
• License: other
• Created: 2023-06-11T11:09:31.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2024-02-14T12:12:28.000Z (over 2 years ago)
• Last Synced: 2024-06-21T17:04:30.835Z (almost 2 years ago)
• Topics: ccpa, data-privacy, encryption, gdpr, hipaa, pci, pci-dss, privacy, privacy-by-default, privacy-by-design, privacy-engineering, security, subrose
• Language: Go
• Homepage: https://subrose.io
• Size: 1 MB
• Stars: 19
• Watchers: 1
• Forks: 1
• Open Issues: 5
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md
  • Security: SECURITY.md

Awesome Lists containing this project

README

          


  





  
Open-source, data privacy vault to store and manage PII in a fully compliant manner.




  Website | 

  Blog | 

  Docs





  

    

  

  

    

  

  

    

  

  

    

  



Thorn is an open source, data privacy vault that uses encryption, tokenisation & configurable access control to meet security, compliance, residency requirements. Bake compliance with GDPR, CCPA and other privacy compliance laws into your architecture and protect your customer's data.

- **Restful Service** RESTful APIs that work with any language or framework

- **Highly Performant** Designed from the ground up for high performance and ultra low latency usecases

- **Run Anywhere** Cloud, on-premise, or serverless, Subrose can run anywhere, no vendor lock-in, no strings attached

- **Audit Logs** Every action on the vault is logged with full context

- 🔜 **1-Click Deploy** to cloud providers

- 🔜 **Automatic Secret Rotation** custom encryption providers (Hashicorp Vault/NaCl secretbox)

- 🔜 **PII types** pre-configured PII types

And more.

## 🚀 Get started

> **Warning**

> Thorn is currently in pre-alpha and not ready for usage, however contributions and discussions are more than welcome at this stage.

To spin up the development enviroment:

```

docker-compose up

```

This will spin up the thorn api and postgres for data storage. Full development guide coming soon.

## 🌹 Subrose?

Subrose makes privacy engineering & compliance straightforward by default.

We're on a mission to make data privacy and compliance easy for all developers.

If you care about protecting your customer's data, complying with regulation and having a [secure by default](https://www.ncsc.gov.uk/information/secure-default) then Subrose is right for you.

We are currently working hard to make Subrose more extensive and adding features by the day. Need any integrations or want a new feature? Feel free to [create an issue](https://github.com/subrose/thorn/issues) or contribute directly to the project.

## ❤️ Community & Support

- [GitHub Discussions](https://github.com/subrose/thorn/discussions) (For getting help, providing feedback or discussing privacy engineering.)

- [GitHub Issues](https://github.com/subrose/thorn/issues) (For any bugs and errors you encounter using Subrose)

- [Twitter](https://twitter.com/subroseio) (For realtime updates)

- [Linkedin](https://linkedin.com/company/subrose) (For company information)

## 🏘 Licensing

This repo is available under the MIT expat license. See the [LICENSE](./LICENSE) file for more info.

## 🛡 Security

Looking to report a security vulnerability? Please don't post about it in GitHub issue. Instead, refer to our [SECURITY.md](./SECURITY.md) file.

## 🌱 Contributing

Contributions in all forms are welcome!