Skip to main content
T TON Adoption
← Glossary
NODE/03 · Term

Data protection

The practice and legal requirements for safeguarding personal data: consent, minimisation, secure storage and breach notification. The major regimes are GDPR in the EU and 152-FZ in Russia.

Aliases: data protection, personal data protection

Data protection is the body of practices and legal rules governing how organisations collect, store and use information about people.

Core principles

  • Consent and lawfulness. Data is processed on a lawful basis.
  • Minimisation. Only the necessary minimum is collected.
  • Secure storage. Encryption, access control, breach prevention.
  • Breach notification. When data is compromised, the regulator and the subjects are informed.

Major regimes

  • GDPR — the EU’s strictest and most influential standard.
  • 152-FZ — Russia’s personal-data law.
  • Local laws in the US, the UK and other countries.

Crypto and TON angle

A blockchain is pseudonymous, not anonymous: addresses are public and the transaction graph is visible to everyone. That shapes data protection:

  • Linking an address to an identity (via KYC at an exchange) de-anonymises the entire history.
  • On-chain data cannot be deleted — which conflicts with the right to erasure.
  • That is why personal data is kept off-chain, with only hashes or references written on-chain.

This is general information, not legal advice; specific requirements depend on the jurisdiction and can change.

Related terms