Evidence base
Privacy by Design · technical self-assessment
Traceable criteria instead of a blanket compliance seal.
This assessment documents which technical privacy measures MoE Sovereign supports and which duties can only be fulfilled in a concrete deployment.
Assessment matrix
Technical support and operator responsibility
“Technically supported” means that the architecture enables corresponding measures. It does not mean every installation applies them automatically or appropriately.
| Assessment area | Status | Technical support | Operator responsibility |
|---|---|---|---|
| Data minimisation | Operator-dependent | Local processing, selectable models, configurable knowledge and cache paths. | Define purpose, necessary inputs, logging scope and enabled integrations. |
| Purpose limitation | Operator-dependent | Tenant, role, template and knowledge-space separation support bounded contexts. | Define, document and enforce processing purposes. |
| Storage limitation | Technically supported | Configurable TTLs and cleanup for caches, episodes and system data. | Set appropriate periods, monitor deletion and include backups. |
| Confidentiality | Technically supported | Local inference, OIDC/RBAC, tenant controls, rootless and air-gap-capable deployment. | Manage keys, roles, segmentation, patches and physical security. |
| Data transfers | Configuration-dependent | Local operation without mandatory cloud calls; external models, research and outbound targets are explicit integrations. | Assess every endpoint, transfer basis and third-country scenario. |
| Accountability | Technically supported | Routing, request and audit telemetry plus versioned templates and configuration. | Minimise logs and govern access and retention. |
| Data-subject rights | Partially supported | Persistent data remains in controllable stores; administrative search and cleanup capabilities exist. | Ensure identity checks, complete attribution, access, export, correction and erasure processes. |
| Privacy-friendly defaults | Profile-dependent | Local, restrictive deployment profiles are possible; outbound use is configurable. | Verify that the deployed reference configuration is the most privacy-friendly choice for its purpose. |
| Security of processing | Technically supported | Hardened tool paths, security gates, OCI portability, rootless operation and access controls. | Implement risk-appropriate measures, vulnerability management, backup, recovery and incident response. |
| DPIA support | Documentation aid | Architecture, data-flow, component and routing documentation can support the technical description. | Determine necessity and perform the DPIA as controller. |
Not assessed
Case-specific legal questions
This technical overview does not assess legal basis, joint controllership, processing agreements, international transfers, sector obligations or a specific DPIA.
Maintenance and changes
An assessment is only as credible as its update process.
The matrix should be updated after material changes to persistence, authentication, outbound connections, telemetry or deployment. This is the first published version; no independent audit has been performed.