Replies: 2 comments
-
|
I think this is linked to issue #208 though I hadn’t thought about it from a GDPR perspective. One immediate challenge that crosses my mind is the ability to still perform analytical tasks if orders are completely removed so maybe an intermediary summarised store is needed for this, but then the orders themselves are removed. Or we just say analytics can only go as far back as the data does. Just something that might need to be thought about before this is implemented, but I agree some cleanup tool would be useful both from a performance and GDPR perspective. |
Beta Was this translation helpful? Give feedback.
-
|
I suppose redaction might keep the analytics, while removing the PII |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Data Protection Officers should have a data retention policy which states that old data is deleted after a period of time. It is likely that PII held within order will end up being retained for many years.
It would be helpful if you could setup a retention policy within Vendr so that orders could be deleted after X months. Alternatively, or in addition, perhaps a section within the Commerce tab where orders could be bulk deleted based on date (or other?).
The current options of list view-style bulk deleting or a custom SQL script aren't optimal.
I mention having just taken a relatively insecure website offline which contains nearly 1M contacts details.
Beta Was this translation helpful? Give feedback.
All reactions