Data Protection (GDPR)
GDPR statement detailing regional data encryptions and client protection protocols.
1. General Principles
Pifecta Store completely prioritizes user data integrity. We implement strict safeguards to satisfy regional data protection standards (GDPR). Data collections are restricted to what is necessary for functional platform operations.
2. The Encryption Mesh
All client profiles, session structures, and API webhook exchanges are encrypted during transit using TLS 1.3 tunnels. Ephemeral downloads utilize unique, expiring 15-minute signatures generated via local cryptographic salting keys (`APP_KEY` hashes) to completely mitigate data leakage.
3. Rights of the Client
Under GDPR guidelines, clients have the following rights:
- Right to Access: View all purchased templates and license strings inside the command center.
- Right to Rectification: Edit Keycloak SSO credentials directly via the secure auth portal.
- Right to Erasure: Erase purchase registers and local cart database records from storage.
- Right to Data Portability: Export dynamic blueprints as JSON arrays using local signed URLs.
4. Sub-processors
Our platform leverages secure sub-processors for crucial operations:
- Keycloak OIDC: Authenticates user roles and identity tokens.
- Stripe API: Manages card billing, ledger transfers, and refunds.
- n8n Webhook Bus: Provisions active staging nodes and triggers onboarding emails.
5. Security Breach Contingencies
In the event of an ecosystem security anomaly, Pifecta dispatches a diagnostic alert to administrators. We audit Checkpoint IPs and, if necessary, trigger global license key detonations to secure downstream client instances.