Databunker

Databunker is a network-based, self-hosted, GDPR compliant, secure vault for personal data or PII: https://databunker.org/

🚀 Quick Start (5 minutes)

# Pull and run Databunker container
docker pull securitybunker/databunker
docker run -p 3000:3000 -d --rm --name dbunker securitybunker/databunker demo

# Create user records
curl -s http://localhost:3000/v1/user -X POST \
  -H "X-Bunker-Token: DEMO" \
  -H "Content-Type: application/json" \
  -d '{"first":"John","last":"Doe","login":"john","email":"user@gmail.com"}'

# Get user by login, email, phone, or token
curl -s -H "X-Bunker-Token: DEMO" -X GET http://localhost:3000/v1/user/login/john

# Admin UI: http://localhost:3000

💡 What Problems Does Databunker Solve?

1. Prevents Data Breaches

   • Eliminates SQL injection vulnerabilities
   • Protects against GraphQL data exposure
   • Segregates sensitive data from your main database

2. Simplifies Compliance

   • GDPR, CCPA, HIPAA ready out of the box
   • Built-in consent management
   • Automated data minimization
   • Full audit trail of all operations

3. Reduces Development Time

   • Simple REST API for all operations
   • SDK available for popular languages
   • Drop-in replacement for your user table
   • Built-in session management

Project demo is available at: https://databunker.org/doc/demo/.

Please add a star if you like our project.

🔒 Key Security Features

• Encrypted Storage: All personal records are encrypted using AES-256
• Secure API: REST API with strong authentication
• Tokenization: Replace sensitive data with tokens in your main database
• Access Control: Fine-grained permissions and audit logging
• Data Segregation: Physical separation from your application database

🔌 Integration Examples

// Node.js Example
const { Databunker } = require('databunker-sdk');
const db = new Databunker({
  url: 'http://localhost:3000',
  token: 'DEMO'
});

// Store user record
await db.users.create({
  email: 'user@example.com',
  name: 'John Doe',
  phone: '+1-415-555-0123'
});

// Retrieve user by email
const user = await db.users.findByEmail('user@example.com');

📊 Use Cases

• User Profile Storage: Secure storage for user personal data
• Healthcare Records: HIPAA-compliant patient data storage
• Financial Services: PCI DSS compliant customer records
• Identity Management: Secure user authentication and session storage
• GDPR Compliance: Built-in tools for data privacy regulations

💻 Available Editions

Community Edition (Free)

• Full encryption capabilities
• MySQL/PostgreSQL support
• Basic audit logging
• MIT license

Enterprise Edition (Startup-friendly pricing)

• Multi-tenancy support
• Advanced monitoring
• Priority support
• Custom deployment options
• Aurora PostgreSQL auto-scaling

🔧 Technical Specifications

• Written in Go for high performance
• Supports MySQL and PostgreSQL
• REST API with OpenAPI specification
• Containerized deployment
• Horizontal scaling support
• Automated backups
• High availability options

📚 Resources

1. GDPR compliance and Databunker introduction video https://www.youtube.com/watch?v=QESOuL3LMj0
2. https://oppetmoln.se/20220223/databunker-en-oppen-losning-for-gdpr-saker-lagring-av-kundinformation/
3. https://www.freecodecamp.org/news/how-to-stay-gdpr-compliant-with-access-logs/
4. https://news.ycombinator.com/item?id=26690279
5. https://hackernoon.com/data-leak-prevention-with-databunker-xnn33u9
6. https://anchor.fm/techandmain/episodes/Huawei--Microsoft-and-DataBunker--Yuli-Stremovsky-evl385
7. https://nocomplexity.com/documents/simplifyprivacy/databunker.html
8. https://ipv6.rs/tutorial/FreeBSD_Latest/Databunker/
9. https://selfhostedworld.com/software/databunker
10. https://ipv6.rs/tutorial/Void_Linux/Databunker/
11. https://slashdot.org/software/p/Databunker/
12. https://github.com/expressjs/session
13. https://stackshare.io/databunker
14. https://dbweekly.com/issues/348
15. https://databunker.org/

📘 GDPR: Out of the box solution for:

1. Right of access
2. Right to restrict processing / Consent withdrawal
3. Right to be forgotten
4. Right to rectification
5. Right to data portability

⚡ Databunker use cases

Detailed information can be found at https://databunker.org/use-case/

• A perfect backend for a KYC system for a crypto startup
• Temporary record identities for secure data exchange
• Audit trail and tracing customer profile changes
• Critical Data Segregation: Implementation Guide
• Continuous Data Protection for PII/PHI records
• Custom Privacy-Enhancing Technology - PET
• User rights and privacy controls
• PII/PHI storage and tokenization
• Automatic log retention policy
• Privacy by Design Compliance
• Simplify user login backend
• Consent Management Platform
• Personal Data minimization
• Secure session storage
• GDPR request workflow
• DPO Management Portal
• User privacy portal
• ISO27001 Compliance
• HIPAA Compliance
• GDPR Compliance
• SOC2 Compliance
• Pseudonymization
• Passport.js support

Help us to raise awareness. Please add a ⭐ star and share this project with your friends.