Laeserin on Nostr: It would be nice to have a description of the process you're using internally, to ...
It would be nice to have a description of the process you're using internally, to mask, shuffle, encrypt, archive, disassociate, etc. the data, to protect against accidental leaks or malicious internal or external parties, and to ensure the data is only visible and discernable and associateable with a particular customer in a particular use case and at a particular time by a particular class of employee.
Also, what is the archiving system you have in place and for how long are you legally required to store each peace of data? Will data be auto-expunged after that date and when a customer account is dormant for X length of time or ends their account?
Also, where will the physical location where the data will be stored? Will it be live local, remote inhouse, cloud, or offline?
If you have a live, associated list of e-mails, how do we know it won't get leaked or hacked, a la Ledger?
Is there a Data Security and Storage Plan, where we can see these rules?
Also, what is the archiving system you have in place and for how long are you legally required to store each peace of data? Will data be auto-expunged after that date and when a customer account is dormant for X length of time or ends their account?
Also, where will the physical location where the data will be stored? Will it be live local, remote inhouse, cloud, or offline?
If you have a live, associated list of e-mails, how do we know it won't get leaked or hacked, a la Ledger?
Is there a Data Security and Storage Plan, where we can see these rules?