Pillar 06

Compliance

Legal structure, data residency by design, audit trails, and member data rights. Built for organizations that need to demonstrate accountability — to regulators, to their members, and to themselves.

Legal structure

irl.coop is a Wyoming Decentralized Unincorporated Nonprofit Association (DUNA). This structure provides:

• Legal recognition as a cooperative entity in the United States
• No profit distribution to any member or investor
• Member governance without a traditional board of directors
• Compatibility with on-chain governance mechanisms
• Pathway to 501(c)(3) nonprofit status for philanthropic funding eligibility

The cooperative's bylaws, membership agreements, and operational policies are published and governed on-chain. Changes require a member vote.

Data residency

Data residency is a first-class concern, not an afterthought. The shard architecture means each cooperative operates its own data nodes. A cooperative based in Germany operates nodes in Germany; a cooperative in Brazil operates nodes in Brazil. There is no shared storage pool that creates cross-border data flows by default.

For cooperatives subject to GDPR, LGPD, or other data protection regimes, this architecture satisfies the data residency requirement structurally — no configuration required.

Audit trails

Every significant action in the platform generates an audit event:

• Member authentication events (login, logout, method change)
• Authorization decisions (access granted, access denied)
• Data access events (who accessed which resource and when)
• Governance actions (proposals created, votes cast, decisions executed)
• Treasury transactions (contributions, payments, transfers)
• Administrative actions (role changes, member status changes)

Audit logs are append-only and cryptographically signed by the platform. They cannot be modified retroactively. Members can request an export of all audit events relating to their account.

Member data rights

Right to access

Members can export all data associated with their account at any time: profile data, messages, files, governance participation, and financial records. The export is provided in standard machine-readable formats (JSON, CSV, Maildir).

Right to deletion

Members can request deletion of their account and associated data. The platform executes a verifiable deletion workflow that removes data from the active database, object store, and communication servers. A deletion receipt is issued as a signed credential.

Note: data that is part of governance records (votes, proposals, treasury transactions) may be retained in anonymized form to preserve the integrity of the historical record. Members are informed of this at registration.

Right to portability

Exported data can be imported into another irl.coop shard or any compatible federated system. The cooperative does not impose lock-in through data formats or proprietary APIs.

Cooperative accountability

Beyond individual member rights, the cooperative has accountability obligations to its membership as a whole. The platform supports:

• Annual financial statements generated from treasury data
• Member-accessible dashboards showing aggregate platform usage and costs
• Governance participation statistics (proposal count, vote turnout)
• Infrastructure health and uptime history visible to all members

See also

• Storage — data residency implementation
• Finance — financial record-keeping
• Governance — how compliance policies are updated
• Lifecycle — compliance during dissolution