Hello,
GDPR compliance is a big concern for us (and probably many of your other customers as well).
Per law any data processing entity must give users the opportunity to delete their user data at any time.
Either manually through an admin or even better, the user can do it themselves.
As mentioned in other threads this is currently not possible with Zammad without risk of damaging your database.
I read this feature will be implemented in some way until the end of the year but I could not find any specification on your workflow on github so I would like to propose the following:
Proposal:
- The User is able to delete his account from Zammad through the GUI in his profile settings (optional feature can be enabled or disabled through admin settings)
- Level of deletion can be set through the admin interface e.g. only user profile with personal data gets deleted, ticket references stay as they are or all data and references get deleted.
This separation could be useful for companies that don’t gather personal data in tickets but only in the user profiles for account creation.
Our current workaround is to “scramble” the user data with “gibberish” data and setting the user inactive.
This works OK for companies with smaller numbers of users but it can get tedious quickly with larger numbers. So automatic data “scrambling” might be a quick and dirty solution for customers that only need to remove user profiles but can keep tickets.
If you are already implementing it similarly to this please ignore this inquiry.
Best regards,
Nino
