Legal Standards Compliance Map

GDPR (European Union)

• Data minimization and purpose limitation for website data.
• User rights for access, correction, deletion, and objection supported via contact channel.
• International transfers safeguarded through appropriate mechanisms.
• No on-chain storage of identifiable personal data.

UK Data Protection Act / UK GDPR

• Aligned with GDPR-like principles for fairness, transparency, and lawfulness.
• Primary jurisdiction for EBIS Next Generation ID Ltd.

DIFC Data Protection Law

• Explicit consent and risk-based controls for any high-risk processing.
• Design principle: biometric/genomic raw data handled through encrypted, off-chain mechanisms.

UAE Federal Data Law

• Support for user control and security of data.
• Cross-border transfers considered under contractual and technical safeguards.

Summary

The EBUID and Genometric frameworks are designed to avoid storing sensitive personal or biometric data on-chain, to use encryption and consent-driven identity frameworks, and to enable user rights consistent with GDPR, UK, DIFC, and UAE data protection principles.