1. General Overview

This document outlines the technical, security, and compliance commitments of the MyFoodRepo platform — a web and mobile solution for collecting and analyzing anonymized dietary data.
The system is built on a cloud architecture hosted in Europe, using a Ruby on Rails backend, PostgreSQL database, and complementary services (Redis, Sidekiq, S3, etc.).
The application complies with applicable regulations (GDPR, CNIL), implements strong encryption and traceability measures, and ensures the maintenance, confidentiality, and availability of the service according to current security standards.


2. Licenses and Software

All required software licenses (OS, databases, frameworks, libraries) are provided and managed. The application runs on Heroku using Ruby/Rails, PostgreSQL, Redis, Puma, Sidekiq, S3 storage, and documented Ruby/JavaScript dependencies. Only necessary components are installed. Open-source, free, and SaaS elements are maintained and security-monitored. A full license list can be generated. Personnel access is controlled, and all maintenance operations follow strict procedures. No auto-logon mechanisms are used. Data is anonymized, and GDPR compliance is ensured. No IoT devices are involved.


3. Identity Management

The platform uses its own internal identity system. Participants are anonymous (participation keys, UUIDs, system-generated emails). Collaborators (administrators, annotators, researchers) authenticate via email/password, invitation, and WebAuthn two-factor authentication for the web interface, and may also be issued personal API tokens from their profile to interact with the Collab API V1 from scripts. There is no local installation or workstation account, and no integration with external directories or authorization engines; access control is handled internally via Pundit with global and cohort-based roles.
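The cohort-based authorization described above can be pictured with a policy written in Pundit's conventions. The following is an added illustration, not MyFoodRepo's own code: Pundit expects a `<Model>Policy` class taking `(user, record)` with predicate methods such as `show?`, plus a nested `Scope` that filters a collection, and that shape is reproduced here without requiring the gem. The model names, role names (`:admin`, `:annotator`, `:researcher`) and the `authorize` helper are assumptions for the example.

```ruby
# Added example (not MyFoodRepo's code): a Pundit-style policy combining a
# global role with per-cohort roles. Role and model names are assumed.

# Collaborator: global_role is :admin or nil; cohort_roles maps cohort_id => role.
Collaborator = Struct.new(:id, :global_role, :cohort_roles, keyword_init: true)
# A pseudonymized record belonging to one cohort (participant_uuid is constructed).
FoodRecord = Struct.new(:id, :cohort_id, :participant_uuid, keyword_init: true)

class NotAuthorizedError < StandardError; end

class FoodRecordPolicy
  attr_reader :user, :record

  def initialize(user, record)
    @user = user
    @record = record
  end

  # Any role on the record's cohort, or a global admin, may view it.
  def show?
    admin? || !cohort_role.nil?
  end

  # Only annotators of that cohort (or admins) may edit annotations.
  def update?
    admin? || cohort_role == :annotator
  end

  # Only researchers of that cohort (or admins) may export data.
  def export?
    admin? || cohort_role == :researcher
  end

  # Destruction stays a global-admin operation.
  def destroy?
    admin?
  end

  # Pundit's Scope convention: narrow a collection to what the user may see.
  # In Rails this would be an ActiveRecord relation; here it is an Array.
  class Scope
    def initialize(user, scope)
      @user = user
      @scope = scope
    end

    def resolve
      return @scope if @user.global_role == :admin
      allowed = @user.cohort_roles.keys
      @scope.select { |r| allowed.include?(r.cohort_id) }
    end
  end

  private

  def admin?
    user.global_role == :admin
  end

  # Role the user holds on this record's cohort, or nil.
  def cohort_role
    user.cohort_roles[record.cohort_id]
  end
end

# Mirrors Pundit's controller helper: raise instead of silently returning false.
def authorize(user, record, query)
  policy = FoodRecordPolicy.new(user, record)
  raise NotAuthorizedError, "#{query} denied on record #{record.id}" unless policy.public_send(query)
  record
end

# Constructed sample data.
ADMIN      = Collaborator.new(id: 1, global_role: :admin, cohort_roles: {})
ANNOTATOR  = Collaborator.new(id: 2, global_role: nil, cohort_roles: { 10 => :annotator })
RESEARCHER = Collaborator.new(id: 3, global_role: nil, cohort_roles: { 20 => :researcher })
RECORDS = [
  FoodRecord.new(id: 100, cohort_id: 10, participant_uuid: "11111111-constructed"),
  FoodRecord.new(id: 101, cohort_id: 20, participant_uuid: "22222222-constructed")
]

def visible_record_ids(user)
  FoodRecordPolicy::Scope.new(user, RECORDS).resolve.map(&:id)
end

if __FILE__ == $PROGRAM_NAME
  puts "annotator sees: #{visible_record_ids(ANNOTATOR).inspect}"
  begin
    authorize(RESEARCHER, RECORDS[0], :show?)
  rescue NotAuthorizedError => e
    puts "denied: #{e.message}"
  end
end
```

The point of pairing a policy with a `Scope` is that list endpoints and record endpoints enforce the same cohort boundary; an index action that forgot to call `policy_scope` would otherwise leak records from cohorts the collaborator has no role in.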


4. Authentication

Administrator passwords can be modified at any time. The application is fully web/mobile and does not rely on NTLM/Kerberos or thick clients. Its N-tier architecture ensures that end users never connect directly to the database. Sensitive pages are protected (invite-only access, login attempt limits). Collaborators use strong authentication appropriate to data sensitivity; participants remain anonymous. Security best practices based on OWASP Top 10 are applied, though no formal external audit has yet been conducted.
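The "login attempt limits" mentioned above are usually implemented as a per-account failure counter with a temporary lockout. The following is an added example, not MyFoodRepo's code: the thresholds (attempts, lockout length), the in-memory store and the injectable clock are all assumptions chosen so the block runs offline; a deployment with several Puma workers would keep the counters in a shared store such as Redis.

```ruby
# Added example (not MyFoodRepo's code): per-account login throttling with a
# timed lockout. Limits, storage and the clock are assumptions for illustration.

class LoginThrottle
  LockedOut = Class.new(StandardError)

  def initialize(max_attempts: 5, lockout_seconds: 900, clock: -> { Time.now })
    @max_attempts = max_attempts
    @lockout_seconds = lockout_seconds
    @clock = clock
    # identifier => { failures: Integer, locked_until: Time or nil }
    @state = Hash.new { |h, k| h[k] = { failures: 0, locked_until: nil } }
  end

  # Call before verifying the password; raises while the account is locked.
  def check!(identifier)
    entry = @state[identifier]
    if entry[:locked_until] && @clock.call < entry[:locked_until]
      raise LockedOut, "locked until #{entry[:locked_until]}"
    end
    # An expired lockout starts the count over.
    if entry[:locked_until]
      entry[:failures] = 0
      entry[:locked_until] = nil
    end
    true
  end

  # Count a failed attempt; lock once the threshold is reached.
  def record_failure(identifier)
    entry = @state[identifier]
    entry[:failures] += 1
    entry[:locked_until] = @clock.call + @lockout_seconds if entry[:failures] >= @max_attempts
    entry[:failures]
  end

  # A successful login clears the counter.
  def record_success(identifier)
    @state.delete(identifier)
    nil
  end

  def locked?(identifier)
    entry = @state[identifier]
    !!(entry[:locked_until] && @clock.call < entry[:locked_until])
  end
end

# The login flow: throttle first, then credential check, then bookkeeping.
# password_valid stands in for the real (bcrypt) comparison.
def attempt_login(throttle, identifier, password_valid)
  throttle.check!(identifier)
  if password_valid
    throttle.record_success(identifier)
    :ok
  else
    throttle.record_failure(identifier)
    :invalid
  end
rescue LoginThrottle::LockedOut
  :locked
end

# Constructed scenario: three wrong passwords, then a correct one during the
# lockout (still refused), then a correct one after the lockout expires.
def simulate
  now = Time.at(1_700_000_000)
  throttle = LoginThrottle.new(max_attempts: 3, lockout_seconds: 60, clock: -> { now })
  results = []
  3.times { results << attempt_login(throttle, "collab@example.test", false) }
  results << attempt_login(throttle, "collab@example.test", true)
  now += 61
  results << attempt_login(throttle, "collab@example.test", true)
  results
end

puts simulate.inspect if __FILE__ == $PROGRAM_NAME
```

Two details matter for the defender: the throttle is consulted before the password is checked, so a locked account does not leak whether the submitted password was right, and the lockout is keyed by account. Because a per-account lock can be abused to keep a legitimate collaborator out, it is normally paired with a per-source rate limit and with the lockout event being written to the centralized log.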


5. Traceability

The platform logs all key events — connections, API calls, errors, and administrative actions — and version-tracks selected records via the PaperTrail gem. Logs are centralized (Papertrail, Sentry) and accessible only to the development team. User actions and data modifications are traceable, with before/after values stored for versioned models. The N-tier architecture enables correlation of session IDs and anonymized IP addresses across layers.


6. Protection Against Attacks

The cloud infrastructure includes firewalls, monitoring, and automated patching. The development team applies regular security updates and runs static code analysis (Brakeman). No remote control tools are installed on local machines.


7. Encryption

All communication uses HTTPS/TLS with forced SSL. Passwords are hashed with bcrypt, and sensitive fields are encrypted at rest. Encryption standards follow current best practices (TLS ≥ 1.2, OpenSSL). No proprietary encryption methods are used.
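The section states that sensitive fields are encrypted at rest without naming the mechanism. The following is an added example, not MyFoodRepo's code, showing one standard way to do it: AES-256-GCM through Ruby's OpenSSL binding, with the row identifier bound in as associated data so a ciphertext cannot be moved to another record undetected. The key handling (generated inline), the storage format (a JSON string) and the record identifiers are assumptions for the example.

```ruby
# Added example (not MyFoodRepo's code): authenticated encryption of one
# database field with AES-256-GCM. Mechanism, key source and storage format
# are assumptions; the page only states that sensitive fields are encrypted.
require "openssl"
require "base64"
require "json"

module FieldCipher
  CIPHER = "aes-256-gcm"

  # Returns a JSON string holding nonce, ciphertext and authentication tag.
  # aad (associated data) is authenticated but not encrypted; binding the
  # owning record's id here detects a blob copied onto a different row.
  def self.encrypt(plaintext, key, aad: "")
    cipher = OpenSSL::Cipher.new(CIPHER).encrypt
    cipher.key = key                 # 32-byte key from the app's secret store
    iv = cipher.random_iv            # fresh 12-byte nonce for every call
    cipher.auth_data = aad unless aad.empty?
    ciphertext = cipher.update(plaintext) + cipher.final
    {
      "iv"  => Base64.strict_encode64(iv),
      "ct"  => Base64.strict_encode64(ciphertext),
      "tag" => Base64.strict_encode64(cipher.auth_tag)
    }.to_json
  end

  # Raises OpenSSL::Cipher::CipherError when key, aad or ciphertext do not match.
  def self.decrypt(stored, key, aad: "")
    parts = JSON.parse(stored)
    decipher = OpenSSL::Cipher.new(CIPHER).decrypt
    decipher.key = key
    decipher.iv = Base64.strict_decode64(parts["iv"])
    decipher.auth_tag = Base64.strict_decode64(parts["tag"])
    decipher.auth_data = aad unless aad.empty?
    decipher.update(Base64.strict_decode64(parts["ct"])) + decipher.final
  end
end

# True when the stored blob fails authentication under the given key and aad.
def tampered?(stored, key, aad: "")
  FieldCipher.decrypt(stored, key, aad: aad)
  false
rescue OpenSSL::Cipher::CipherError
  true
end

# Constructed walk-through: encrypt a note for record 100, decrypt it, then
# show that the same blob is rejected when presented as record 101's field.
def demo
  key = OpenSSL::Random.random_bytes(32)          # would come from config in practice
  stored = FieldCipher.encrypt("constructed note: peanut allergy", key, aad: "food_record:100")
  round_trip = FieldCipher.decrypt(stored, key, aad: "food_record:100")
  swapped = tampered?(stored, key, aad: "food_record:101")
  [round_trip, swapped]
end

puts demo.inspect if __FILE__ == $PROGRAM_NAME
```

GCM gives integrity as well as confidentiality: a flipped byte in the ciphertext, a wrong key or a mismatched associated-data string all surface as a `CipherError` on `final` rather than as silently corrupted plaintext. The one rule that must hold is that a nonce is never reused under the same key, which is why `random_iv` is called per encryption rather than stored once.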


8. Maintenance and Remote Access

Maintenance is performed remotely via Heroku’s secure web interface and CLI, with restricted access, full traceability, and removal of temporary files after each intervention. Incidents and vulnerabilities are monitored (Sentry, RorVsWild), and updates go through a CI/CD pipeline with automated regression tests. Components are kept up to date, intervention reports are available, and access (both physical and logical) is limited to authorized staff only.


10. Confidentiality

All team members are bound by confidentiality agreements. Data processed is pseudonymized (UUIDs, no direct identifiers). Anonymization scripts and export tools can be provided for testing environments.


11. Mobile Devices and Hosting

The mobile app relies on native Android/iOS encryption and HTTPS communication. Hosting is provided within the EU (Heroku, AWS S3 EU regions). Stored data is pseudonymized, GDPR-compliant, and subject to audit if required. Collaborators authenticate securely (password + WebAuthn 2FA), can change credentials, and all passwords are securely hashed. The service runs 24/7 with monitored uptime. Data can be exported (via API or CSV) periodically, before contract termination, and at contract end. Final data destruction follows after data restitution. All external exchanges are secured (HTTPS/TLS).