Add full monorepo: virtual-banker, backend, frontend, docs, scripts, deployment

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-10 11:32:49 -08:00
parent aafcd913c2
commit 88bc76da91
815 changed files with 125522 additions and 264 deletions
--- a/docs/specs/security/privacy-controls.md
+++ b/docs/specs/security/privacy-controls.md
@@ -0,0 +1,63 @@
+# Privacy Controls Specification
+
+## Overview
+
+Privacy controls for PII protection and data residency.
+
+## PII Separation Strategy
+
+### Data Segregation
+
+**Public Data**: Blockchain data (no PII)
+**Private Data**: User accounts, KYC data (PII)
+**Storage**: Separate databases/partitions
+
+### Access Control
+
+**Public Data**: Open access
+**Private Data**: Strict access control, encryption
+
+## Tokenization/Encryption
+
+### Identity Artifacts
+
+**Encryption**: Encrypt sensitive identity documents
+**Storage**: Encrypted at rest
+**Access**: Decrypt only when needed, audit logged
+
+### Tokenization
+
+**Use Case**: Reference PII without exposing it
+**Implementation**: Store tokens, map to PII securely
+
+## Regional Data Residency Controls
+
+### Data Residency
+
+**Requirement**: Store data in specific regions per regulations
+**Implementation**: Regional databases/partitions
+**Routing**: Route user data to appropriate region
+
+### Compliance
+
+- GDPR (EU)
+- CCPA (California)
+- Others as needed
+
+## Data Retention Policies
+
+### Retention Periods
+
+**User Data**: Per regulatory requirements
+**Transaction Data**: Per regulatory requirements
+**Logs**: Per security requirements
+
+### Deletion
+
+**Right to Deletion**: Support user data deletion requests
+**Process**: Secure deletion, audit logged
+
+## References
+
+- Security Architecture: See `security-architecture.md`
+