cyskye created the topic: Suggestion on gdpr bundle
my suggestion is to add a tool in the GDPR bundle that permits to delete accounts of inactive users after a certain period (2 years for example). This is due to the GDPR requirement to give a term to the data processing. So you can tell that you process data (for example) for 2 years following the last interaction. ( I don't know if I'm explaining well... hope so).
- system detects user is inactive for 2 years from its last access
- system suspends the account and advises admin
- admin chooses to delete account or leave it suspended (it depends on admin policy)
michael replied the topic: Suggestion on gdpr bundle
The tool I'm working on now (I'd like to release it before Monday)
1. offers users the ability to download their data - per GDPR Article 20
2. offers (optional) users the ability to delete their account per GDPR Article 17
The delete option has 2 methods:
1. Anonymize - identifying information is purged, but the account remains with a generic username
2. Delete - the axe!
These features are in the plugin I'm writing now, and as I said - I hope to release before Monday.
Stop processing data is not the same as disable/delete inactive users - that is outside of the scope of GDPR, so I would make that a separate plugin. It's totally possible though, and won't take very long to write.