Data Privacy and Protection
inabit API's Data Privacy and Protection Policy Guidelines
At inabit, privacy and data protection are foundational principles. Our platform is designed to operate without handling or storing any Personally Identifiable Information (PII). This ensures that businesses using inabit can maintain the highest level of data security and compliance with global regulations like GDPR, CCPA, and others.
How inabit Protects Privacy
No PII Handling
Anonymized Data Only: inabit works exclusively with anonymized tokens, such as Universally Unique Identifiers (UUIDs), to represent client data.
Customer Responsibility: Businesses using inabit retain full control of their sensitive client data. They are responsible for mapping anonymized tokens to actual client identifiers in their internal systems, ensuring that sensitive data never resides within inabit’s infrastructure.
Integration with inabit’s GraphQL API
All interactions with inabit’s platform, including wallet management and transaction operations, must use anonymized tokens when sending client-related data via our GraphQL API.
This ensures that persistent fields where customer-related data is stored contain only anonymized references, never actual client PII.
Recommended Practices for Customers
To align with inabit's privacy policies and maximize security, we recommend the following practices:
Generate Anonymized Tokens:
Use UUIDs or other anonymized identifiers to represent client data in your system.
Ensure that these tokens are unique and securely mapped to real client data within your environment.
Secure Internal Mapping:
Maintain a secure and encrypted mapping between anonymized tokens and actual client identifiers in your systems.
Use role-based access controls to limit who can access this mapping.
GraphQL API Usage:
Always pass anonymized tokens when interacting with inabit's GraphQL API.
Avoid including any sensitive information or PII in your API requests.
inabit API Fields Requiring Anonymized Tokens
The table below outlines key fields in inabit’s GraphQL API where customer-related information might be referenced. These fields must contain anonymized tokens:
| GraphQL Query/Mutation | Field Name | Description |
| --- | --- | --- |
| createWallet | externalWalletId | An identifier used to associate wallets with clients. |
| createTransferRequest | externalTransactionId | A unique identifier to track client transactions. |
| addContact | externalContactId | Used to identify contacts of asset transfers. |
By ensuring these fields only contain anonymized tokens, you can maintain robust privacy and compliance while leveraging inabit’s platform.
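An added example (not inabit's code) of the recommended practices and field table above: a token store that issues random UUIDv4 tokens for client identifiers, plus a pre-send check that flags any of the three listed fields whose value is not a canonical UUIDv4. Assumptions: the in-memory `TokenVault` is a hypothetical stand-in for your encrypted, access-controlled mapping store, the layout of the GraphQL variables is constructed, and requiring UUIDv4 is a stricter choice than the "UUIDs or other anonymized identifiers" the page allows.

```python
import uuid

# Field names come from the table above; everything else is an assumption.
TOKEN_FIELDS = {"externalWalletId", "externalTransactionId", "externalContactId"}

class TokenVault:
    """Hypothetical in-memory stand-in for an encrypted, RBAC-protected mapping store."""
    def __init__(self):
        self._by_client = {}
        self._by_token = {}

    def token_for(self, client_id):
        # Random UUIDv4: the token is not derived from the client identifier,
        # and the same client always gets the same token back.
        if client_id not in self._by_client:
            token = str(uuid.uuid4())
            self._by_client[client_id] = token
            self._by_token[token] = client_id
        return self._by_client[client_id]

    def resolve(self, token):
        return self._by_token[token]

def is_uuid4(value):
    """True only for a canonical, lowercase-hyphenated UUIDv4 string."""
    if not isinstance(value, str):
        return False
    try:
        parsed = uuid.UUID(value)
    except ValueError:
        return False
    return parsed.version == 4 and str(parsed) == value

def find_violations(variables, path="$"):
    """Walk GraphQL variables and return paths of token fields that are not UUIDv4."""
    bad = []
    if isinstance(variables, dict):
        for key, val in variables.items():
            here = f"{path}.{key}"
            if key in TOKEN_FIELDS:
                if not is_uuid4(val):
                    bad.append(here)
            else:
                bad.extend(find_violations(val, here))
    elif isinstance(variables, list):
        for i, val in enumerate(variables):
            bad.extend(find_violations(val, f"{path}[{i}]"))
    return bad
```

Run `find_violations` on the variables of every outgoing request and refuse to send when it returns a non-empty list; the returned paths identify the offending fields without logging their values.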
Benefits of This Approach
Enhanced Security:
Sensitive client data stays under your control and never enters inabit’s systems, reducing the risk of breaches.
Regulatory Compliance:
This setup supports compliance with privacy regulations like GDPR, CCPA, and other regional laws.
Operational Flexibility:
Anonymized tokens enable seamless integration with inabit’s API without compromising sensitive data.
Client Trust:
By adhering to a privacy-first approach, you demonstrate a strong commitment to protecting your clients’ data.
Policy Summary
inabit’s platform is built with a privacy-first architecture, ensuring that sensitive client data remains entirely under the control of the businesses we serve. By leveraging anonymized tokens and securely managing data mappings within your systems, you can safely utilize inabit's advanced wallet and transaction management features while maintaining the highest data protection standards. For further assistance or questions, please contact our support team.