Sorry I am late to this conversation, but this is a very important issue and it does not appear it reached resolution.
It strikes me that GDPR compliance does mean changes to Discourse - maybe this is all in hand but I have not found it!
Data Access Requests
Most obvious thing - work for @sam I guess! - is to provide a one-click ‘Data Access Request’ that does not need admin intervention. As far as I understand it, the GDPR requires data controllers to provide all personal information on request. This is very much like the existing UK Data Protection Act and can be onerous if you do not build it into the systems.
What I was thinking of was a new section on your summary page (/u/richp10/summary) called something like ‘Your Data’. On that page, provide a brief explanation that the user can get a complete download of all the personal data kept on the site by clicking this button.
The app would then create a PDF of all the personal information and email it to them or display a link to download. Actually, the same mechanism as the ‘Download All’ button would be perfect. At a stroke, this solves compliance with that part of the legislation.
Right to be forgotten A
I think the above conversation reached the conclusion that posts are not - in general - personal information under the regulations. I agree with that assessment - whilst acknowledging that it is possible that posts exist which contain personal information.
My thought would be that on the ‘Your Data’ tab, we explain that shutting down the account removes all the personal data but leaves posts in place. Point out that if the user wants to shut the account they might want to remove some posts first.
I think it needs to be more obvious how to close down the account and more explicit what the implications are.
Right to be forgotten B
Although I think the above would comply with the law - I would like the option of going further.
My use of Discourse is with a vulnerable population, mostly with mental health problems. I would very much like to be able to allow people to entirely remove their content from the site, even though this has a cost in breaking up the conversations.
It would be great if we could have and provide the options - 1) Shut down the account, removing personal data but leaving posts, or 2) Shut down and deep clean - everything must go. Ideally we could configure to allow just one or both of these options.
The privacy policy issue does not worry me, that is a question of wording.
Thoughts?