Umbraco.Commerce.Issues

Data retention

Open drpeck opened this issue 4 years ago • 2 comments

Data Protection Officers should have a data retention policy which states that old data is deleted after a period of time. It is likely that PII held within orders will end up being retained for many years.

It would be helpful if you could set up a retention policy within Vendr so that orders could be deleted after X months. Alternatively, or in addition, perhaps a section within the Commerce tab where orders could be bulk deleted based on date (or other?).

The current options of list view-style bulk deleting or a custom SQL script aren't optimal.

I mention having just taken a relatively insecure website offline which contains nearly 1M contacts' details.

drpeck avatar Mar 24 '21 17:03 drpeck

I think this is linked to issue #208 though I hadn’t thought about it from a GDPR perspective.

One immediate challenge that crosses my mind is the ability to still perform analytical tasks if orders are completely removed so maybe an intermediary summarised store is needed for this, but then the orders themselves are removed. Or we just say analytics can only go as far back as the data does.

Just something that might need to be thought about before this is implemented, but I agree some cleanup tool would be useful both from a performance and GDPR perspective.

mattbrailsford avatar Mar 24 '21 17:03 mattbrailsford

I suppose redaction might keep the analytics, while removing the PII.

drpeck avatar Mar 24 '21 18:03 drpeck