{ "schema": "https://saferpage.de/schemas/trust-status-communications.v1", "generated_at": "2026-06-09T04:47:47+00:00", "domain": "debatte.bild.de", "available": true, "scan": { "id": "527056e1-4769-494c-9d23-367228f594ab", "checked_at": "2026-06-08 17:09:38.203083+02" }, "status": "status_communications_blueprint_ready", "summary": "Trust-Status-Kommunikation fuer debatte.bild.de: 6 Statusflaechen, 6 Ereignistypen, 6 Publish-Gates, Score 100.", "metrics": { "status_surface_count": 6, "event_type_count": 6, "publish_gate_count": 6, "message_template_count": 5, "channel_count": 5, "guardrail_count": 6, "history_count": 1, "readiness_score": 100 }, "status_surfaces": [ { "id": "public_status_link", "label": "Oeffentlicher Status-/Uptime-Link", "visibility": "public", "purpose": "Betriebsstatus, Wartung und grobe Verfuegbarkeit teilen, ohne interne Systeme offenzulegen.", "publish_rule": "Nur sanitisierte Komponenten und keine personenbezogenen Viewer- oder Incident-Details." }, { "id": "trust_center_announcements", "label": "Trust-Center Announcements", "visibility": "public_or_approved", "purpose": "Security-, Compliance-, Subprocessor- und Produktupdates im Trust Center erklaeren.", "publish_rule": "Kategorie, Zielgruppe, Freigabe und Ablaufdatum pro Announcement setzen." }, { "id": "incident_banner", "label": "Incident- oder Wartungsbanner", "visibility": "public_or_approved", "purpose": "Kundenorientierte Stoerungs- oder Security-Hinweise mit Update-Timeline zeigen.", "publish_rule": "Nur nach Legal/DSB/Security-Freigabe und Kommunikationsplan aktivieren." }, { "id": "subscriber_digest", "label": "Subscriber-Digest", "visibility": "subscribed", "purpose": "Abonnenten ueber relevante Trust-, Security- und Privacy-Aenderungen informieren.", "publish_rule": "Double-Opt-in, Abmeldung und Segment-Policy erzwingen." }, { "id": "security_advisory", "label": "Security Advisory", "visibility": "approved_or_public", "purpose": "Vulnerability-, Patch- oder Mitigation-Hinweise transparent und kontrolliert kommunizieren.", "publish_rule": "CVE/Severity/Impact nur veroeffentlichen, wenn Missbrauchsrisiko und Kundenwirkung bewertet sind." }, { "id": "private_customer_notice", "label": "Private Kundenbenachrichtigung", "visibility": "approved_viewers", "purpose": "Betroffene Kunden gezielt statt oeffentlich informieren.", "publish_rule": "Keine offenen Empfaengerlisten; Access-Scope, NDA und Auditlog respektieren." } ], "event_types": [ { "id": "maintenance", "label": "Wartung", "default_severity": "info", "sla": "vorher ankuendigen", "approval": "Operations + Trust Owner" }, { "id": "degraded_performance", "label": "Eingeschraenkte Leistung", "default_severity": "medium", "sla": "zeitnah aktualisieren", "approval": "Operations" }, { "id": "security_incident", "label": "Security Incident", "default_severity": "high", "sla": "Incident-Bridge und DSB/Legal einbinden", "approval": "Security + DSB/Legal" }, { "id": "privacy_breach_review", "label": "DSGVO 72h-Pruefung", "default_severity": "high", "sla": "Kenntniszeitpunkt und Meldeentscheidung dokumentieren", "approval": "DSB/Legal" }, { "id": "subprocessor_change", "label": "Subprozessor-/Vendor-Aenderung", "default_severity": "medium", "sla": "Notice-Frist und Einspruchsprozess pruefen", "approval": "Legal/Vendor Owner" }, { "id": "policy_or_notice_change", "label": "Datenschutz-/Policy-Aenderung", "default_severity": "info", "sla": "Version, Quelle und wirksames Datum setzen", "approval": "Datenschutz/Content" } ], "publish_gates": [ { "id": "classification", "label": "Ereignis klassifizieren", "owner": "Trust Owner", "rule": "Public Status, Approved Viewer Notice, Incident, Advisory oder interner Log-Eintrag unterscheiden." }, { "id": "legal_privacy_review", "label": "DSB/Legal-Freigabe", "owner": "DSB/Legal", "rule": "Bei Security-, Privacy- oder Kundenwirkung vor externem Versand erforderlich." }, { "id": "component_sanitization", "label": "Komponenten sanitizen", "owner": "Operations", "rule": "Keine internen Hostnamen, IPs, Kundennamen, Tickets, Secrets oder personenbezogenen Details veroeffentlichen." }, { "id": "timeline_check", "label": "Timeline pruefen", "owner": "Incident Lead", "rule": "Started, detected, mitigated, resolved und next update getrennt dokumentieren." }, { "id": "audience_scope", "label": "Zielgruppe begrenzen", "owner": "Trust Center Owner", "rule": "Public, Approved, Access Group, Subscriber oder konkrete betroffene Kunden bewusst waehlen." }, { "id": "retention_cleanup", "label": "Retention und Loeschung", "owner": "Compliance", "rule": "Drafts, Subscriber-Events, Zustelllogs und Viewer-Bezug befristet oder de-identifiziert halten." } ], "message_templates": [ { "id": "initial_notice", "label": "Initial Notice", "fields": [ "summary", "impact_window", "affected_surface", "next_update_at", "contact_path" ], "tone": "kurz, sachlich, keine Spekulation" }, { "id": "update_notice", "label": "Fortschrittsupdate", "fields": [ "current_status", "mitigation", "remaining_impact", "next_step" ], "tone": "konkret, zeitnah, nachvollziehbar" }, { "id": "resolved_notice", "label": "Resolved Notice", "fields": [ "resolved_at", "root_cause_category", "customer_action", "follow_up" ], "tone": "klarer Abschluss, keine internen Details" }, { "id": "security_advisory", "label": "Security Advisory", "fields": [ "severity", "affected_version_or_surface", "mitigation", "customer_action", "credits" ], "tone": "sicherheitsbewusst, koordinierte Offenlegung" }, { "id": "privacy_notice", "label": "Datenschutz-Mitteilung", "fields": [ "data_categories", "risk_assessment", "measures", "rights_contact", "legal_status" ], "tone": "DSGVO-konform, verstaendlich, mit Freigabe" } ], "channels": [ { "id": "status_page", "label": "Status Page", "payload": [ "component", "status", "severity", "message", "updated_at" ], "privacy": "Public nur sanitisierte Komponenten." }, { "id": "trust_announcement", "label": "Trust Center Announcement", "payload": [ "category", "audience", "summary", "source_url", "expires_at" ], "privacy": "Access-Level und NDA respektieren." }, { "id": "email_subscriber", "label": "Subscriber-E-Mail", "payload": [ "subscriber_segment", "digest_id", "update_ids" ], "privacy": "Double-Opt-in, Abmeldung, Empfaenger nur intern gehasht." }, { "id": "slack_teams_internal", "label": "Slack/Teams intern", "payload": [ "event_id", "severity", "owner_role", "safe_link" ], "privacy": "Keine Kundendaten oder Rohlogs im Chat." }, { "id": "crm_case_note", "label": "CRM/Case Note", "payload": [ "account_domain_hash", "event_id", "status", "safe_link" ], "privacy": "Nur Feldallowlist und Domain-Hash." } ], "guardrails": [ { "id": "no_public_raw_incidents", "label": "Keine Rohvorfaelle oeffentlich posten", "status": "enforced" }, { "id": "no_subscriber_export", "label": "Keine Subscriber-Identitaeten im oeffentlichen Export", "status": "enforced" }, { "id": "human_approval_required", "label": "Externe Incident- oder Advisory-Texte brauchen menschliche Freigabe", "status": "required" }, { "id": "component_allowlist", "label": "Status-Komponenten nur ueber Allowlist", "status": "required" }, { "id": "dach_privacy_language", "label": "Deutschsprachige Datenschutz- und Kundenwirkung klar formulieren", "status": "required" }, { "id": "postmortem_redaction", "label": "Postmortem vor Veroeffentlichung redigieren", "status": "required" } ], "communications_contract": { "does_not_publish_live_status": true, "does_not_send_notifications": true, "does_not_export_subscribers": true, "required_before_live": [ "operator_auth", "component_allowlist", "incident_classification", "legal_privacy_review", "subscriber_consent", "unsubscribe", "audit_log", "retention_job" ] }, "links": { "html": "https://saferpage.de/trust/debatte.bild.de/status-kommunikation", "json": "https://saferpage.de/trust/debatte.bild.de/status-kommunikation-json", "csv": "https://saferpage.de/trust/debatte.bild.de/status-kommunikation-csv", "markdown": "https://saferpage.de/trust/debatte.bild.de/status-kommunikation-md", "trust_center": "https://saferpage.de/trust/debatte.bild.de", "trust_updates": "https://saferpage.de/trust-updates/debatte.bild.de", "incident_center": "https://saferpage.de/vorfall/debatte.bild.de", "communications": "https://saferpage.de/trust/debatte.bild.de/kommunikation", "viewer_privacy": "https://saferpage.de/trust/debatte.bild.de/viewer-datenschutz", "subprocessors": "https://saferpage.de/trust/debatte.bild.de/subprozessoren", "trust_analytics": "https://saferpage.de/trust-analytics/debatte.bild.de", "crm_sync": "https://saferpage.de/trust-analytics/debatte.bild.de/crm-sync", "api_operations": "https://saferpage.de/trust/debatte.bild.de/api" }, "disclaimer": "Diese oeffentliche SaferPage-Seite ist ein Status-Kommunikations-Blueprint. Sie veroeffentlicht keine echten Vorfaelle, verschickt keine Benachrichtigungen und exportiert keine Subscriber- oder Kundendaten." }