# Privacy-aware data encryption pipeline function Protect-SensitiveData { param( [Parameter(Mandatory)] [string]$Data, [SecureString]$Key ) $aes = [System.Security.Cryptography.Aes]::Create() $aes.Key = ConvertFrom-SecureString $Key -AsPlainText $aes.GenerateIV() $encryptor = $aes.CreateEncryptor() $bytes = [Text.Encoding]::UTF8.GetBytes($Data) $encrypted = $encryptor.TransformFinalBlock($bytes, 0, $bytes.Length) return [Convert]::ToBase64String($aes.IV + $encrypted) } # Secure credential storage using DPAPI function Set-SecureCredential { param( [string]$Name, [PSCredential]$Credential ) $path = Join-Path $env:LOCALAPPDATA "SecureStore" if (-not (Test-Path $path)) { New-Item -Path $path -ItemType Directory -Force } $export = @{ Username = $Credential.UserName Password = $Credential.Password | ConvertFrom-SecureString } $export | ConvertTo-Json | Set-Content "$path\$Name.json" } # Hash verification for data integrity function Test-DataIntegrity { param( [string]$FilePath, [string]$ExpectedHash, [ValidateSet('SHA256','SHA512','MD5')] [string]$Algorithm = 'SHA256' ) $hash = Get-FileHash -Path $FilePath -Algorithm $Algorithm return $hash.Hash -eq $ExpectedHash } # Audit log writer with tamper detection function Write-AuditLog { param( [string]$Action, [string]$Resource, [string]$User = $env:USERNAME ) $entry = @{ Timestamp = [DateTime]::UtcNow.ToString('o') Action = $Action Resource = $Resource User = $User Machine = $env:COMPUTERNAME } $json = $entry | ConvertTo-Json -Compress $hash = [BitConverter]::ToString( [Security.Cryptography.SHA256]::Create().ComputeHash( [Text.Encoding]::UTF8.GetBytes($json) ) ).Replace('-', '') return "$json|$hash" } # Certificate validation chain checker function Test-CertificateChain { param([X509Certificate2]$Certificate) $chain = [X509Chain]::new() $chain.ChainPolicy.RevocationMode = 'Online' $chain.ChainPolicy.RevocationFlag = 'EntireChain' $isValid = $chain.Build($Certificate) if (-not $isValid) { foreach ($status in $chain.ChainStatus) { Write-Warning $status.StatusInformation } } return $isValid } # Secure random token generator function New-SecureToken { param([int]$Length = 32) $rng = [Security.Cryptography.RNGCryptoServiceProvider]::new() $bytes = [byte[]]::new($Length) $rng.GetBytes($bytes) return [Convert]::ToBase64String($bytes) } # Data anonymization for GDPR compliance function Invoke-DataAnonymization { param( [PSObject]$Record, [string[]]$SensitiveFields ) $result = $Record.PSObject.Copy() foreach ($field in $SensitiveFields) { if ($result.PSObject.Properties[$field]) { $value = $result.$field $hash = [BitConverter]::ToString( [Security.Cryptography.SHA256]::Create().ComputeHash( [Text.Encoding]::UTF8.GetBytes($value) ) ).Replace('-','').Substring(0, 16) $result.$field = "ANON_$hash" } } return $result } # Privacy-aware data encryption pipeline function Protect-SensitiveData { param( [Parameter(Mandatory)] [string]$Data, [SecureString]$Key ) $aes = [System.Security.Cryptography.Aes]::Create() $aes.Key = ConvertFrom-SecureString $Key -AsPlainText $aes.GenerateIV() $encryptor = $aes.CreateEncryptor() $bytes = [Text.Encoding]::UTF8.GetBytes($Data) $encrypted = $encryptor.TransformFinalBlock($bytes, 0, $bytes.Length) return [Convert]::ToBase64String($aes.IV + $encrypted) } # Secure credential storage using DPAPI function Set-SecureCredential { param( [string]$Name, [PSCredential]$Credential ) $path = Join-Path $env:LOCALAPPDATA "SecureStore" if (-not (Test-Path $path)) { New-Item -Path $path -ItemType Directory -Force } $export = @{ Username = $Credential.UserName Password = $Credential.Password | ConvertFrom-SecureString } $export | ConvertTo-Json | Set-Content "$path\$Name.json" }

Lieben Consultancy

Privacy Policy

Last updated: May 2025

Who We Are

Lieben Consultancy is an independent consultancy based in the Netherlands, specializing in cloud solutions, automation, infrastructure as code, and Microsoft 365 security and compliance.

Data Collection & Usage

We collect minimal personal data required to provide our services:

Contact information (name, email) when you reach out to us
Technical data required to deliver consulting services
Communication records for project continuity

We do not sell, rent, or share your personal data with third parties for marketing purposes.

Legal Basis

We process personal data based on:

Contract performance - To deliver services you've requested
Legitimate interests - For business operations and improvement
Consent - When you've explicitly agreed to specific processing

Data Retention

We retain personal data only as long as necessary for the purposes collected, typically:

Project data: Duration of engagement plus 7 years for legal requirements
Contact information: Until you request removal
Communication logs: 2 years after last interaction

Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

Access - Request a copy of your personal data
Rectification - Correct inaccurate data
Erasure - Request deletion of your data ("right to be forgotten")
Portability - Receive your data in a structured format
Objection - Object to certain types of processing
Restriction - Limit how we use your data

Security Measures

We implement appropriate technical and organizational measures to protect your data, including encryption, access controls, and regular security assessments.

Cookies & Tracking

This website does not use tracking cookies or third-party analytics. We believe in privacy-first web experiences.

Contact Us

For privacy-related inquiries or to exercise your rights:

Email: jos@lieben.nu

Website: Contact Form