Opt-Out Hashes
Storage for individuals/companies who have requested opt-out or erasure under GDPR Articles 17 (right to erasure) and 21 (right to object).
Source: docs/SYSTEM_OVERVIEW.md § GDPR → Opt-out.
Schema
CREATE TABLE "OptOut_Hashes" (
hashed_contact TEXT PRIMARY KEY
);Hashing — SHA-256, no plaintext
function hashContact(contact: string): string {
return crypto.createHash('sha256').update(contact).digest('hex');
}Why hashed-only
Storing plaintext contact identifiers (email, phone, org_nr) of people who asked to be erased would itself be a GDPR violation. SHA-256 is one-way: we can check membership by hashing the candidate and looking it up, but we cannot enumerate or recover the originals.
Lookup
Scrape_Job should hash incoming org_nr (and any seeded contact identifiers) and check against OptOut_Hashes before enqueueing Enrich_Job. See Pipeline.
See also
GDPR Legitimate Interest, Pipeline, RoPA Log, Database Schema, Reklamspärr.