* Storage of data and metadata must follow GDPR requirements.
* This system aims to use a common login solution for authentication and authorization in WP5. The authentication and authorization should be done at a higher level, and the specific implementation is not to be considered as a part of this task.