Data privacy and protection

Within the evolving domain of web3, characterized by its emphasis on decentralization and digital autonomy, the imperative of data privacy and protection cannot be understated. The digital sphere, while filled with potential, also presents unique challenges in safeguarding individual identities and personal information. As the identity layer of web3, the idOS commitment to data protection and privacy means those are part of its foundational principles.

With the emergence of self-sovereign identities, where users have the autonomy to manage and share their own data, comes the idOS goal to provide a framework that is trustworthy. In this section, we start introducing the functionalities, mechanisms, and measures that the idOS has put in place to champion data privacy and protection in the Web3 space.

Since the idOS prioritizes user privacy right from the outset, it allows for profile creation to be rooted in a valid legal basis, as further outlined in the Legal basis for profile creation and management section.

As presented under the Legal basis for sharing data section, the idOS framework also ensures that any sharing of user data with third parties is grounded on a clear and lawful basis.

It is additionally attuned to the geographical nuances of data protection, allowing for data processing activities to align with regional requirements at launch, as detailed under the Data processing location section.

The idOS blockchain integrations are designed such that user identification from on-chain data is not likely, further bolstering user privacy, which is further explained under the User Identification and on-chain data section below.

It also has embedded mechanisms to allow for the implementation of the right to be forgotten, data portability, and data rectification, ensuring users maintain control over their data. A better description of how each of these mechanisms works can be found under The right to be forgotten, Data portability, and Data rectification sections.

Lastly, the idOS approach towards issuers, node providers, and dApps is underpinned by data management policies, fostering a cohesive approach to data protection across the idOS ecosystem, which is set forth in more detail under the Third-party data management policies section.