As this is a backend application that uses personal data in order to detect and determine fraud in online transactions, it must comply with the respective legislation.
First, an investigation on the matter must be done. I'm thinking about the possibility of contacting a lawyer or counseling organization so they can help me with this.
As a minimum, I will focus on complying with the General Data Protection Regulation (GDPR) from the European Union. This may include Privacy Policies, consent gathering (I have to study to what extent this can be delegated to frontend applications that will consume ours), distribution of responsibility and an I-don't-know-how-long et cetera.
I will be posting on this issue the advancements on this matter.