The Data protection Code of Conduct v2 describes an approach to meet the requirements of the EU GDPR in federated identity management. The Data protection Code of Conduct defines behavioral rules for Service Providers which want to receive user attributes from the Identity Providers managed by the Home Organisations. It is expected that Home Organisations are more willing to release attributes to Service Providers who manifest conformance to the Data protection Code of Conduct.
- Privacy Notice Template
- Handling non-compliance
- Good practice for Home Organisations
- How the Home Organisation should inform the End User
- Recipe for a Service Provider
- Recipe for a Home Organisation
- Recipe for a Federation Operator
Tools and resources
Moved to Data Protection Code of Conduct Home.