Data Protection by Design and Default (Article 25)

Privacy-Preserving Configuration

# config/privacy_by_default.yaml
privacy_settings:
  # Default to most privacy-protective settings
  defaults:
    data_collection: "minimal"  # Only essential data
    sharing: "none"  # No third-party sharing by default
    retention: "shortest"  # Shortest retention period
    analytics: "anonymized_only"  # No personal data in analytics
    profiling: "disabled"  # No automated profiling
    marketing: "opt_out"  # Users start opted out; no marketing communications

  # User must explicitly opt-in for additional processing
  opt_in_required:
    - "service_improvement_analytics"
    - "personalized_recommendations"
    - "third_party_integrations"
    - "extended_data_retention"

  # Pseudonymization by default
  pseudonymization:
    enabled: true
    fields:
      - "user_id"
      - "session_id"
      - "ip_address"
    method: "HMAC-SHA256"
    key_rotation: "90_days"
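
The pseudonymization settings above, applied to a record (an added example, not part of the original configuration or any project's code). The rotation start date EPOCH, the demo KEYRING, the field-name binding and the "vN:" version prefix are assumptions made for illustration.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

# Values taken from the pseudonymization block of config/privacy_by_default.yaml
FIELDS = ("user_id", "session_id", "ip_address")
ROTATION = timedelta(days=90)  # key_rotation: "90_days"

# Assumption: rotation periods are counted from a fixed schedule start.
EPOCH = datetime(2024, 1, 1, tzinfo=timezone.utc)

# Constructed demo keys, one per rotation period. Real keys are random
# 32-byte secrets held in a KMS or secret store, never in source code.
KEYRING = {v: hashlib.sha256(b"demo-key-%d" % v).digest() for v in range(4)}


def key_version(ts):
    """Map a timestamp to the rotation period whose key was active."""
    return (ts - EPOCH) // ROTATION


def pseudonymize_value(field, value, version):
    """HMAC-SHA256 of the value, bound to its field name and key version."""
    if version not in KEYRING:
        raise KeyError(f"no pseudonymization key for period {version}")
    # The field name is mixed in so equal values in different fields
    # (for example a session_id that reuses the user_id) do not collide.
    msg = field.encode() + b"\x00" + str(value).encode()
    digest = hmac.new(KEYRING[version], msg, hashlib.sha256).hexdigest()
    # The version prefix records which key is needed to recompute the value.
    return f"v{version}:{digest}"


def pseudonymize_record(record, ts):
    """Replace configured fields; leave everything else untouched."""
    version = key_version(ts)
    return {
        k: pseudonymize_value(k, v, version) if k in FIELDS and v is not None else v
        for k, v in record.items()
    }


if __name__ == "__main__":
    # Constructed sample event (documentation IP range).
    event = {"user_id": "u-1001", "session_id": "s-77", "ip_address": "203.0.113.7", "plan": "free"}
    print(pseudonymize_record(event, EPOCH + timedelta(days=10)))
    print(pseudonymize_record(event, EPOCH + timedelta(days=100)))
```

Pseudonyms produced under different key versions cannot be linked without the older key, so retiring a key also ends the ability to correlate records from that period. The keyed HMAC matters most for ip_address: the IPv4 space is small enough that an unkeyed SHA-256 of an address can be reversed by enumeration.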

Next Steps