I am looking to use Squidex as a CRM/HRM, to store personal information.
According to the GDPR, personal data must be deleted or “forgotten” at the user's request. With the event sourcing pattern you cannot delete the events. Moreover, with a document storage DB the information is spread everywhere and a GDPR request could become a big issue.
The idea is to encrypt the sensitive information and be able to delete only the encryption key on a GDPR request. In this way the events and the data stay there, but the content is forgotten because there is no way to retrieve it.
To answer your question: who would store the key? Squidex itself, but only once, to be able to remove it easily when needed (e.g. when the record is canceled). Then there could be another level of security, encrypting these keys with a personal key owned by the user, but that's another step.
The same idea should be applied to the assets. In a CRM/HRM scenario the documents attached to a record (representing a person) are strictly related to the record itself, so I’m not interested in seeing them in the “media library” and I would like them to be stored encrypted, with a key related to the record. Meanwhile, the pictures of a blog post should be treated as usual.
I think this feature can be interesting for the cloud version; it could make the product more flexible to be used in other scenarios than the classical CMS.
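
The per-record key scheme proposed in this post, as an added Node.js example that is not part of the original post and is not Squidex code. The in-memory `Map`, the function names and the sample records are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Hypothetical key store (record ID -> AES-256 key): the only state ever deleted.
const keys = new Map();
const createRecordKey = (id) => keys.set(id, crypto.randomBytes(32));

function keyFor(id) {
  const key = keys.get(id);
  if (!key) throw new Error('record key erased');
  return key;
}

// Output: nonce (12) || tag (16) || ciphertext, with the record ID bound as AAD.
function seal(id, plaintext) {
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', keyFor(id), nonce);
  cipher.setAAD(Buffer.from(id));
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

function open(id, blob) {
  if (blob.length < 28) throw new Error('payload too short');
  const decipher = crypto.createDecipheriv('aes-256-gcm', keyFor(id), blob.subarray(0, 12));
  decipher.setAAD(Buffer.from(id));
  decipher.setAuthTag(blob.subarray(12, 28));
  const plain = Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
  return plain.toString('utf8');
}

// GDPR erasure: zero and drop the key. The event store is not touched.
function forget(id) {
  if (keys.has(id)) keys.get(id).fill(0);
  keys.delete(id);
}

// Constructed sample data: two person records in an append-only event list.
function demo() {
  const events = [];
  for (const [id, email] of [['person-1', 'jane@example.test'], ['person-2', 'raj@example.test']]) {
    createRecordKey(id);
    events.push({ id, type: 'ContactCreated', email: seal(id, email) });
  }
  forget('person-1');
  return events.map((e) => {
    try { return open(e.id, e.email); } catch (err) { return `<${err.message}>`; }
  });
}
console.log(demo()); // [ '<record key erased>', 'raj@example.test' ]
```

Erasure is only as complete as the key deletion: backups and replicas of the key store have to be purged too, and any read model or search index built from the decrypted values has to be rebuilt.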