This is a GDPR topic. Basically, we need to know whether and over what time frame personal data, such as IP address, name and email, are deleted permanently.
Hi,
Are you referring to a site that is hosted by us or by someone else?
Sorry, yes. I was referring to a forum hosted by Discourse.
All good. 
Users are not deleted after a period of inactivity unless they were never activated.
We retain backups for 30 days before deleting them permanently.
This won’t purge forum users who simply haven’t used the forum in a while, right? It will only purge unactivated users, such as when people don’t fully register or when they delete their accounts? We’re trying to make it possible for users to easily delete all their personal information from all servers if they want to. This is for GDPR compliance. We regularly get requests to be forgotten from people in Europe. Either I need to manually delete them and deactivate their accounts, or I need to allow them to do it themselves.
Our intended functionality to support this is user anonymisation.
This will remove the user’s information from the database itself; not only from public-visible areas.
This is something only an admin can do, right? Or is there a way to enable users to anonymize their own accounts?
If it’s something only an admin can do, then when we receive a request to be forgotten, an admin will need to figure out what email/name/username the person used in the forum and anonymize their account for them. It might be difficult to figure out which forum account belongs to a person. For instance, let’s say Jane Doe registers for the forum with jane.d@company.com, username jdo1, and name Jane D. Then Jane joins a different company. She emails us from J.doe@business.de and requests that we delete her information from all servers. I look in the forum and see we have users like jd75, janed, and doej. We also have several @business.de email addresses, but I’m not sure if any of them are Jane Doe. So it’s hard to figure out who she is and anonymize her.
Edit: By the way, I also can’t just reach out to Jane in the example above and ask her which forum user account was hers. Requests to be forgotten are run through a different department, and I have no way to contact the person. I’m not even sure I’m legally allowed to contact them.
Anonymisation is an admin-only function, but we do have customers who frequently automate it into their existing compliance workflow since it can be called via the API.
IANAL, but this seems like an easy case: You can’t authenticate the request so you can’t process it.
This sounds like a process problem that needs to be fixed - people’s names are not unique so a request coming down the pipeline to you saying “Delete Jane Doe’s account” is invalid. What would your company do if Gavin Hudson wrote in asking to delete his account? There needs to be some unique identifier associated with the request trackable across your systems, be that email address or an internal account ID.
If the unique identifier is “J.doe@business.de” then your response ought to be “no account exists with that email address”.
Thanks very much for all your help, @supermathie and @HAWK !
There is this theme-component that helps by putting "Account Deletion Request on preferences
Not sure if Automation Plugin might give other options ie on account inactivity time period.
This is excellent! Thanks @Heliosurge !
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.