title | author | description | ms.author | ms.custom | ms.date | uid |
---|---|---|---|---|---|---|
General Data Protection Regulation (GDPR) support in ASP.NET Core | tdykstra | Learn how to access the GDPR extension points in an ASP.NET Core web app. | tdykstra | mvc | 07/11/2019 | security/gdpr |
EU General Data Protection Regulation (GDPR) support in ASP.NET Core
ASP.NET Core provides APIs and templates to help meet some of the EU General Data Protection Regulation (GDPR) requirements:
:::moniker range=">= aspnetcore-7.0"
- The project templates include extension points and stubbed markup that you can replace with your privacy and cookie use policy.
- The `Pages/Privacy.cshtml` page or `Views/Home/Privacy.cshtml` view provides a page to detail your site's privacy policy.
For GDPR guidance that applies to Blazor apps, see xref:blazor/security/gdpr.
To enable the default cookie consent feature like that found in the ASP.NET Core 2.2 templates in a current ASP.NET Core template generated app, add the following highlighted code to `Program.cs`:
[!code-csharpMain]
In the preceding code, xref:Microsoft.AspNetCore.Builder.CookiePolicyOptions and xref:Microsoft.AspNetCore.Builder.CookiePolicyAppBuilderExtensions.UseCookiePolicy%2A are used.
- Add the cookie consent partial to the `_Layout.cshtml` file:

  [!code-cshtmlMain]

- Add the `_CookieConsentPartial.cshtml` file to the project:

  [!code-cshtmlMain]

- Select the ASP.NET Core 2.2 version of this article to read about the cookie consent feature.
Customize the cookie consent value
Specify the value used to track if the user consented to the cookie use policy using the `CookiePolicyOptions.ConsentCookieValue` property:
[!code-csharpMain]
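The following is an added example, not the article's own included code. It shows one way the `CookiePolicyOptions`, `UseCookiePolicy`, and `ConsentCookieValue` pieces described above fit together in `Program.cs`, and how a non-essential cookie behaves before and after consent. The routes, the `ui-theme` cookie name, and the consent value are hypothetical.

```csharp
// Program.cs (added example; routes, cookie name, and consent value are hypothetical)
using Microsoft.AspNetCore.Http.Features;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddRazorPages();

builder.Services.Configure<CookiePolicyOptions>(options =>
{
    // Require consent before any non-essential cookie is written for this request.
    options.CheckConsentNeeded = context => true;
    // Value stored in the consent cookie once the user accepts (constructed sample value).
    options.ConsentCookieValue = "true";
});

var app = builder.Build();

app.UseHttpsRedirection();
app.UseStaticFiles();

// Register before any middleware or endpoint that writes cookies,
// otherwise those cookies bypass the consent check.
app.UseCookiePolicy();

app.UseRouting();
app.MapRazorPages();

// Non-essential cookie: the cookie policy drops it from the response
// until consent has been granted.
app.MapGet("/theme/dark", (HttpContext ctx) =>
{
    ctx.Response.Cookies.Append("ui-theme", "dark", new CookieOptions
    {
        IsEssential = false,
        Secure = true,
        HttpOnly = true
    });
    var consent = ctx.Features.Get<ITrackingConsentFeature>();
    return Results.Ok(new { stored = consent?.CanTrack ?? false });
});

// Endpoints a consent banner can call to record or revoke the user's choice.
app.MapPost("/consent/grant", (HttpContext ctx) =>
{
    ctx.Features.Get<ITrackingConsentFeature>()?.GrantConsent();
    return Results.NoContent();
});
app.MapPost("/consent/withdraw", (HttpContext ctx) =>
{
    ctx.Features.Get<ITrackingConsentFeature>()?.WithdrawConsent();
    return Results.NoContent();
});

app.Run();
```

Cookies the app cannot function without, such as an authentication or session cookie, are marked `IsEssential = true` and are written regardless of consent.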
Encryption at rest
Some databases and storage mechanisms allow for encryption at rest. Encryption at rest:
- Encrypts stored data automatically.
- Encrypts without configuration, programming, or other work for the software that accesses the data.
- Is the easiest and safest option.
- Allows the database to manage keys and encryption.
For example:
- Microsoft SQL and Azure SQL provide Transparent Data Encryption (TDE).
- SQL Azure encrypts the database by default.
- Azure Blobs, Files, Table, and Queue Storage are encrypted by default.
For databases that don't provide built-in encryption at rest, you may be able to use disk encryption to provide the same protection. For example:
Additional resources
- Microsoft Trust Center: Safeguard individual privacy with cloud services from Microsoft: GDPR
- European Commission: Data protection explained
:::moniker-end