Privacy & compliance
GDPR-aware schema
Also known as: GDPR schema split
LearnCoin's architectural pattern of storing pseudonymous identifiers on-chain and all PII off-chain under tenant-scoped RLS.
LearnCoin's GDPR-aware schema is the split that makes credential immutability compatible with the right to erasure.
On-chain: Merkle root + issuer DID ref + timestamp + tx ID. Nothing else. No PII, ever.
Inside the signed JSON-LD document: credential UUID, pseudonymous recipient ID, achievement description, skill alignments, issue date, issuer reference, MerkleProof2019 signature, recipient display name (self-sovereign copy).
Off-chain (Supabase, mutable, deletable): recipient legal name, email, account data, email ↔ pseudonymous ID mapping, tenant-supplied external identifiers, submission data, analytics, attachments.
Tenant-scoped Row Level Security at the database layer prevents cross-tenant data access. Erasure deletes the off-chain mapping; the on-chain footprint remains but becomes unlinkable. LearnCoin is a data processor for tenants and a data controller for recipients who interact directly. See ADR-001 in the app repo for the full treatment, and the /trust page on this site for a non-technical version.
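The tenant-scoped RLS and erasure described above, as an added example for Supabase Postgres (not LearnCoin's schema or the code in ADR-001). The table `recipient_identity`, the function `erase_recipient`, and the `tenant_id` claim under `app_metadata` are assumptions made for illustration.

```sql
-- Hypothetical off-chain table: the only place where an email or legal name
-- is tied to the pseudonymous ID that appears in signed credentials.
create table recipient_identity (
    pseudonymous_id uuid primary key default gen_random_uuid(),
    tenant_id       uuid not null,
    email           text not null,
    legal_name      text not null,
    unique (tenant_id, email)
);

-- RLS is off until enabled. FORCE applies the policies to the table owner too;
-- roles with BYPASSRLS (Supabase's service_role) still skip them, so that key
-- must stay server-side.
alter table recipient_identity enable row level security;
alter table recipient_identity force row level security;

-- Assumption: the tenant ID is a server-set claim in app_metadata.
-- user_metadata is editable by the user and must not drive authorization.
create policy tenant_isolation on recipient_identity
    for all
    to authenticated
    using      (tenant_id = (auth.jwt() -> 'app_metadata' ->> 'tenant_id')::uuid)
    with check (tenant_id = (auth.jwt() -> 'app_metadata' ->> 'tenant_id')::uuid);

-- Erasure: delete the mapping row. SECURITY INVOKER keeps the caller's RLS in
-- force, so one tenant cannot erase (or probe for) another tenant's recipients.
-- Returns the now-orphaned pseudonymous ID, or NULL if no visible row matched.
create function erase_recipient(p_email text) returns uuid
language sql
security invoker
as $$
    delete from recipient_identity
    where email = p_email
    returning pseudonymous_id;
$$;

-- After erasure this lookup returns no rows: the pseudonymous ID inside issued
-- credentials no longer resolves to an email or legal name.
-- select email, legal_name from recipient_identity where pseudonymous_id = '<id>';
```

A JWT without the claim makes the policy comparison evaluate to NULL, so the request sees and modifies zero rows rather than all of them.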