I was wondering how the GDPR compliance is realized in zammad. I searched the community forum and GitHub and found lot’s of inquiries beginning in early 2018, however all threads ended/closed without a solution.
The problem for anybody using zammad in a production environment is the requirement by law to be able to view & delete all personal data if required.
I’m aware of the option to delete users and tickets manually in the database. However, this will lead to lots of destroyed databases because even with maximum care sooner or later the admin will do a mistake. Besides that, the law requires any person declared as the data protection officer to be able to view and delete personal data. Usually this person is not an IT-expert and not able to manually work on a database.
Even this issue on GitHub is open since April 2018: https://github.com/zammad/zammad/issues/2074
Did I not find the solution for this issue or what’s the reason for this extremely urgent needed feature still missing?