Roles
- ZADA is a Data Processor, not a Data Controller.
- The issuer is the Data Controller, holding the data to be sent to the individual over a secure connection using a DIDComm channel that ensures a secure and private communication.
- The ZADA Network exists to enable the exchange of credentials between Issuers/Verifiers (Tenants) and Wallets (Credential Holders).
How the data is handled
- No personal data is stored anywhere except in the verifiable credential stored in the holder’s wallet
- No personal data is stored anywhere except in the verifiable credential stored in the holder’s wallet
- The data is encrypted in both transit and rest and sent over secure P2P connections (DIDComm).
- The Wallet is encrypted by the wallet holder’s device, and its credential data cannot be accessed or shared without the wallet holder’s permission.
What goes on the public ledger
- Decentralised identifiers and associated DDOs with verification keys and endpoints.
- Schemas and claim definitions
- Proof of consent for data sharing
- Public claims
- Revocation registries
What does not go on the public ledger
- Private data of any kind (including hashed personal data)
- Private proof of the existence