GDPR clean up of customers in EPiServer Commerce v10.8.0

Vote:
 

We are doing some clean up on our local developer environments and that requires us to delete users/customers/profiles the whole lot.

How do I thoroughly delete every trace of a user/customer/profile?

#193951
Jun 08, 2018 12:25
Vote:
 

There are possibly many places DB/BLOBS/Log Files, where customer details can will be going. Better to evaluate first where customer's data can go and then take actions accordingly.

Option 1: If its dev only, the cleanest and safest approach could be set up a new DB and import only the cms/commerce contents that requires

Option 2: Write up some schedule jobs that could do for you in all the environments. (To delete customers, you will have to delete orders etc also)

/K

#193955
Jun 08, 2018 13:08
Vote:
 

Thanks for your input. 

I'm gonna go with option 1 since it is only for the devs.

#193956
Jun 08, 2018 13:16
Vote:
 
<p>Regarding 2: If I undestand correctly, it's not true. Orders are financial contracts that overrule GDPR. You don't have to delete orders to comply with GDPR and you can delete a contact without having to delete its orders.</p> <p>But I'm not a GDPR expert, so don't take my words as granted.&nbsp;</p>
#193961
Jun 08, 2018 14:08
Vote:
 

If dev DB is based on prod data and contains customer's actual data than Orders will contain shipping/billing addresses, email and maybe phone also (Requires to process the order but not require to develop). But you are right, some GDPR Expert can advise better. 

/K

#193963
Jun 08, 2018 14:19
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.