When it comes to balancing control between external vendors and internal operations, our approach varies based on the sensitivity of the material. For instance, the transcripts of my meetings are public domain, released under Creative Commons Zero, and are published on the IPFS network, ensuring their permanence and public accessibility. In contrast, for personal data, we are striving for GDPR adequacy and adhere to European standards. This includes employing privacy-enhancing technologies. For example, confidential but not top-secret official documents are signed by me using end-to-end encryption on my phone, ensuring even our system maintainers cannot access their contents.