Summary
Trivela collects wallet addresses and campaign activity data. While wallet addresses are pseudonymous, GDPR and similar privacy regulations require platforms to provide data export and deletion upon user request — especially relevant as Trivela targets EU users in the Stellar ecosystem.
Problem
- No data export endpoint for users to download their data
- No deletion endpoint to remove user-associated records
- Audit logs reference wallet addresses which may constitute personal data in some jurisdictions
Acceptance Criteria
References
backend/src/dal/auditLogRepository.jsbackend/src/middleware/apiKeyAuth.js
Summary
Trivela collects wallet addresses and campaign activity data. While wallet addresses are pseudonymous, GDPR and similar privacy regulations require platforms to provide data export and deletion upon user request — especially relevant as Trivela targets EU users in the Stellar ecosystem.
Problem
Acceptance Criteria
GET /api/v1/user/:walletAddress/export— returns all data associated with a wallet address:application/jsondownload headerDELETE /api/v1/user/:walletAddress— pseudonymizes wallet address in all records (replace with[REDACTED:sha256_prefix])docs/DEPLOYMENT.mdReferences
backend/src/dal/auditLogRepository.jsbackend/src/middleware/apiKeyAuth.js