Background: I've read the exchanges at https://www.pythonanywhere.com/forums/topic/1287/ and I'm uncertain whether I can keep using PA, which in all other respects provides a great service. The GDPR does not impose any absolute rule that all data must be encrypted at rest, but it mentions encryption as potentially appropriate, and these days many clients will insist on it. Heroku, Railway etc all say their databases are encrypted at rest, and AWS offer database encryption. Queries: Can I double-check that none of the databases you offer have anything that could be described as encryption at rest and that you have no plans to change that? (I'm sorry to ask this yet again but I've read a Railway forum where there was evidently some confusion about different types of encryption, and their answer changed No to Yes.) Do you have any suggestions for someone who would like to continue using PA but may have clients who will need to have the "data encrypted at rest" box ticked?
