Member 13800768 Ответов: 1

Эффективный способ удаления учетной записи клиента для GPDR

As we are working for [GPDR][<a href="https://gdpr-info.eu/art-17-gdpr/%20GPDR">1</a>[<a href="https://gdpr-info.eu/art-17-gdpr/%20GPDR" target="_blank" title="New Window">^</a>]]


We just want to know about the effective way to do while user requests to delete their account.

We have analyzed this generally and had some idea about and consolidated below:

 1. Customer information such as email, name, phone number so on alone deleted is enough? or need to remove all the details associated with that account such as support tickets or purchase details too?
 2.  Shall we drop foreign key references of customer info table alone delete customer information alone ? is this proper way? 
 3.  [Here][https://www.mycustomer.com/marketing/data/gdpr-and-the-right-to-be-forgotten-how-to-process-requests-for-erasure], This article says that all resources need to be deleted. But is this effective way? As we are maintaining large amount of resources along with 
 customer account it will leads to many conflicts while deletion.
 4.  Encryption for all customer data and deleting related key (which used for decryption) while customer requested to delete an account? [Here][ https://info.townsendsecurity.com/gdpr-right-erasure-encryption-key-management],
 Which is effective method or algorithm for this kind of process


As I didn't have the clear idea due to multiple ways provided I need your suggestion to work to delete account process to satisfy the GPDR law.

Please help me on this.

Thanks in advance.

What I have tried:

Analysed general articles 
<a href="https://blog.gemalto.com/security/2017/08/16/deeper-dive-into-gdpr-right-to-be-forgotten/">A deeper dive into GDPR: Right to be forgotten? - Gemalto blog</a>[<a href="https://blog.gemalto.com/security/2017/08/16/deeper-dive-into-gdpr-right-to-be-forgotten/" target="_blank" title="New Window">^</a>]


<a href="https://www.mycustomer.com/marketing/data/gdpr-and-the-right-to-be-forgotten-how-to-process-requests-for-erasure">GDPR and the Right to be Forgotten: How to process requests for erasure | MyCustomer</a>[<a href="https://www.mycustomer.com/marketing/data/gdpr-and-the-right-to-be-forgotten-how-to-process-requests-for-erasure" target="_blank" title="New Window">^</a>]


<a href="https://www.advantagecs.com/blog/forgetting-a-customer-the-gdpr-way">Forgetting a Customer (the GDPR way) - AdvantageCS</a>[<a href="https://www.advantagecs.com/blog/forgetting-a-customer-the-gdpr-way" target="_blank" title="New Window">^</a>]

1 Ответов

Рейтинг:
1

Richard MacCutchan

Это не технический вопрос, а вопрос о том, как реализовать закон. Вам нужно поговорить с юристом.