- Correctie reset password en confirm email adress by adapting the prefixed_url_for to use config setting

- Adaptation of DPA and T&Cs
- Refer to privacy statement as DPA, not a privacy statement
- Startup of enforcing signed DPA and T&Cs
- Adaptation of eveai_chat_client to ensure we retrieve correct DPA & T&Cs

content/Security & Compliance/Assurance Questions.md

@@ -4,17 +4,17 @@ No, we do not currently have a formal information security policy document. As a
 However, we do maintain several key security practices:
 Product Security (Evie SaaS Platform):
 
-Multi-tenant architecture with strict data isolation (separate database schemas and object storage folders per tenant)
-Hosted exclusively with European providers (Scaleway, Bunny.net, Mistral) compliant with EU regulations
-Published Privacy Policy and Terms & Conditions
-GDPR-compliant data handling practices
+- Multi-tenant architecture with strict data isolation (separate database schemas and object storage folders per tenant)
+- Hosted exclusively with European providers (Scaleway, Bunny.net, Mistral) compliant with EU regulations
+- Published Privacy Policy and Terms & Conditions
+- GDPR-compliant data handling practices
 
 Internal Operations Security:
 
-Secure password and credential management using Proton Pass
-All internal business data maintained in secure cloud environments (Proton, Dropbox, Canva)
-Code versioning and backup through GitHub
-Controlled access to all systems and services
+- Secure password and credential management using Proton Pass
+- All internal business data maintained in secure cloud environments (Proton, Dropbox, Canva)
+- Code versioning and backup through GitHub
+- Controlled access to all systems and services
 
 We plan to formalise our security practices into a comprehensive security policy as our organisation scales beyond 10 employees.