Add data classification standard

This commit is contained in:
Katrin Hoffmann 2026-02-24 11:00:00 +00:00
parent a9f8e7a1bd
commit 1ed53abe8c

View file

@ -0,0 +1,18 @@
# Data Classification Standard
**Version:** 1.0 | **Owner:** Compliance | **Classification:** Internal
## Classification levels
| Level | Examples | Handling |
|-------|---------|---------|
| Public | Marketing materials, press releases | No restrictions |
| Internal | This document, org charts | Nexus staff only |
| Confidential | Customer data, financial reports | Need-to-know, encrypt at rest |
| Restricted | Credentials, encryption keys, PII | Vault only, no email, audit logged |
## PII handling
All personally identifiable information is classified as **Confidential** minimum.
Processing of PII requires GDPR lawful basis and must be documented in the data register.
Contact dpo@nexus.local with questions.