Privacy by Design & Default

# config/privacy_by_default.yaml
privacy_settings:
  # Default to most privacy-protective settings
  defaults:
    data_collection: "minimal"  # Only essential data
    sharing: "none"  # No third-party sharing by default
    retention: "shortest"  # Shortest retention period
    analytics: "anonymized_only"  # No personal data in analytics
    profiling: "disabled"  # No automated profiling
    marketing: "opt_out"  # No marketing communications

  # User must explicitly opt-in for additional processing
  opt_in_required:
    - "service_improvement_analytics"
    - "personalized_recommendations"
    - "third_party_integrations"
    - "extended_data_retention"

  # Pseudonymization by default
  pseudonymization:
    enabled: true
    fields:
      - "user_id"
      - "session_id"
      - "ip_address"
    method: "HMAC-SHA256"
    key_rotation: "90_days"