“The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR's primary aim is to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.[1] Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements related to the processing of personal data of individuals (formally called data subjects in the GDPR) who are located in the EEA, and applies to any enterprise—regardless of its location and the data subjects' citizenship or residence—that is processing the personal information of individuals inside the EEA.”

Today every citizen uses multiple apps, games, websites, and needs to store many information that are spread over hundreds of databases over which the user has no control whatsoever.

The Avatar provides a way to store these informations in a safe crypto storage by exploiting the blockchain in order to safely write the encrypted data and give access to anyone that requests them, and the citizen approves.

This allows users to have control over their data, with a Gamified approach and a reward system.

Personal Data Storage, share what you what, when you want.

- Change once, update all

- Complete ownership of your data

- Teach the user the value of privacy and reward them

- Flexible and powerful permission system on your data

- Traceability, transparency and immutability applied to the permission and access to personal data

- Tokenization of reward

- Cryptographic security

- Gamification for everyone

- Easy to use, no exchange, no third party app, all in one place

- No expenses for users

We’ve built a generic Character Sheet with a wide (and flexible) range of characteristics to describe a user without gathering any specific data. All the characteristics are split in 3 main areas:
Physical, Mental, Empathy, and an alignment.

Then each app can have their private storage where the user can store their info and manage the permissions to access them at any time.

This has been designed in order to reduce the duplicated data, giving access to some info to multiple storage, updating them in one place and deciding when and to whom to give access.

The RPG part is the only anonymous public information that anyone can read, and that can be used to personalize the experience for anyone, without access to any sensible data.

A user downloads the Avatar App, generates inside the app its private crypto key using secp256k1 algorithm and chooses a password to protect it. Then it requests access to the Blockchain Avatar Smart contract to create its Avatar. If the user already possesses a secp256k1 key (bitcoin and ethereum wallet use the same algorithm) it can import its private key in the app. Unlock it with the password and request to create an Avatar using that. If the user already has an Avatar it can import its private key, unlock it and that doesn't require a request for Avatar creation.

Then, using its private key the app requests its Avatar’s information. The Character sheet and the Private Data linked to the Avatar are downloaded from the blockchain.

There is a setting to keep these information in memory only, which means they need to be retrieved every time the app is loaded, but also that data is not lost if the user loses the Smartphone/Wallet. It can be configured to require the password every time it does an action, or just once per session. For security reasons, no allowance to biometric access is implemented (fingerprint and face recognition are very weak authentications).

Then the user can see its data and manage permissions to allow third parties to access its data and at what time. The App will download all the “permission request” notifications that must be sent by blockchain, and allows the user to approve, modify or deny them by using its private key as a signing feature.

Each app affiliated to the Avatar should implement a “permission request”: it is able to see the available information on the Avatar for each user, but it is not allowed to know the values inside them. Then the Apps can send the request through the blockchain with a signed transaction by the App Key.

The user can choose if it allows that App; she can also change the starting and ending time of the allowance, in order to permit to the apps to download the required informations in a time range: update info can be retrieved by the apps only if the user give them read access, and if the timestamp of the read request is between start time and end time.

Each app also has a special permission, that is to the Character sheet update feature; the user can allow a company to update its character sheet every time they want, if it's between start time and end time again. That allows the company to push character stats change during this period of usage.

Instead, the access to the Character sheet in read is free to use for everyone, as these are anonymous data.
All the data are saved in json format and bring with them the associated json schema to avoid wrong formatting or wrong data in insertion time.

The company that associates to the Avatar system must submit the data they require, this list is reviewed for duplicated data or bad definition, and once approved, a new schema is pushed into the blockchain by the admin to get accepted by all clients.

The reward system is based on crypto tokens generated in the Avatar blockchain and is used to engage users or reward them with services by the associated apps, these tokens could be converted then into third party app features / assets or exchanged between all the users.

A videogame that engages the user in knowing how personal data should be managed and shared is going to be built for educational purposes.