Data Categories
| Category | Examples | Storage | Retention |
|---|---|---|---|
| Public blockchain data | TVL, transactions, holder counts | SQLite + ClickHouse | Indefinite |
| Public economic data | FRED rates, ECB data, World Bank | SQLite | Indefinite |
| Derived scores | Risk scores, CCI scores | SQLite (versioned) | Indefinite |
| Evidence artifacts | Signed evidence packs, Merkle proofs | File system + on-chain | Indefinite |
| API credentials | API keys, email addresses | JSON/SQLite (encrypted at rest) | Until account deletion |
| Access logs | Request metadata (IP, endpoint, timestamp) | Log files | 90 days |
Data Not Collected
- No customer financial data, account balances, or portfolio positions
- No government-issued identity documents
- No payment card information (payments via external processor)
- No tracking cookies or behavioral analytics on API consumers
- No biometric data
Data Residency
| Component | Location | Purpose |
|---|---|---|
| Primary API servers | Germany (netcup GmbH) | API processing, databases, signing |
| Gateway/backup server | Germany (netcup GmbH) | Orchestration, monitoring, off-site backup |
| CDN / DDoS | Cloudflare (EU primary, global edge) | TLS termination, caching, protection |
| On-chain anchors | Polygon + XRPL (decentralized) | Tamper-proof timestamping (hashes only) |
Data residency: All customer data stored exclusively on EU infrastructure (Germany). On-chain anchors contain only SHA-256 hashes — no PII.
Deletion & Portability
| Request | Process | Timeline |
|---|---|---|
| Account deletion | Email to privacy@feedoracle.io | 30 days |
| API key revocation | Self-service or email | Immediate |
| Log deletion | Automatic after retention period | 90-day rolling |
| Data export | Email to privacy@feedoracle.io | 30 days |
Subprocessors
| Subprocessor | Purpose | Location |
|---|---|---|
| netcup GmbH | Server hosting (VPS) | Germany |
| Cloudflare, Inc. | CDN, DDoS protection, TLS | EU primary (global edge) |
| Polygon Network | On-chain anchoring (hashes only) | Decentralized |
| XRP Ledger | On-chain anchoring (hashes only) | Decentralized |
Incident Response
| Phase | Target |
|---|---|
| Detection | Automated monitoring with real-time alerts |
| Initial assessment | ≤ 1 hour for critical severity |
| Customer notification (breach) | ≤ 72 hours per GDPR Art. 33 |
| Root cause analysis | Post-incident report within 5 business days |
| Remediation | Critical: ≤ 72h. High: ≤ 5 business days. |