CORD, by design, is compliant with the General Data Protection Regulation (GDPR) and the Digital Personal Data Protection (DPDP) regulations as it neither collects nor stores Personally Identifiable Information (PII). Compliance with GDPR and DPDP is inherently ensured through this privacy-by-design approach. Additionally, all data handled by CORD is strictly non-personally identifiable information (PII), consisting solely of tokenized assets, credentials, and verifiable cryptographic proofs.
Any application or decentralized solution developed on the CORD framework that collects or manages PII is responsible for ensuring compliance with GDPR, DPDP, and other applicable privacy and data protection laws in its operational jurisdiction independently. Implementers and developers must provide their legal documentation and evidence of compliance accordingly.
The CORD project and community utilize third-party software and services for project management and community engagement. While we carefully select and regularly review these third-party services, their respective privacy standards, practices, and policies are independently managed by them and beyond our direct control.
- GItHub: https://docs.github.com/en/github/site-policy/github-privacy-statement
- YouTube: https://policies.google.com/privacy
- Zoom: https://zoom.us/privacy
- Google Meet: https://policies.google.com/privacy?hl=en
- Discord: https://discord.com/privacy