Benjamin_Boenisch/breakpilot-core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
583 Commits 4 Branches 0 Tags
9888b1b5d7fb313c2e39881c784a2989b853e51e
Commit Graph

1 Commits

Author SHA1 Message Date
Sharang Parnerkar 5946aa47d5 fix(pitch-deck): GDPR compliance — automated cleanup, full Art. 13 notice
Build pitch-deck / build-push-deploy (push) Successful in 1m37s
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-consent (push) Successful in 38s
Details
CI / test-python-voice (push) Successful in 32s
Details
CI / test-bqas (push) Successful in 30s
Details 
- runDataCleanup() replaces maskOverdueInvestors(): now also anonymizes
  never-activated invites after 90 days, deletes sessions + magic links
  older than 30 days, NULLs IPs in audit logs older than 30 days, and
  redacts email from audit log details JSONB for masked investors
- New /api/admin/cleanup POST endpoint for scheduled invocation
- New .gitea/workflows/pitch-cleanup.yml: daily cron at 02:00 UTC calls
  the cleanup endpoint so anonymization is genuinely automatic, not lazy
- Switch masking window from first_activity_at to last_login_at (30 days
  of inactivity; resets on each login)
- Both auth pages: DSGVO footer now covers all Art. 13 requirements —
  data categories, retention cutoffs, Art. 15–21 rights, contact address,
  LfDI Baden-Württemberg as supervisory authority

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-01 15:11:51 +02:00