And some very interesting read:
https://www.cennydd.com/writing/a-techies-rough-guide-to-gdpr
An other puzzle is
"Be able to delete a customer and all records associated with the customer, across all your systems, within a month of request."
What happens when you delete a user ? You must delete his posts also ?
wpForo asks to delete all posts and topics of this user when you delete a user:
https://wpforo.com/docs/root/members/member-manager/#delete
Hi @anonymous20 @robert,
GDPR enables the right to be forgotten, which by definition (unless there is a regulatory or legal reason for you to retain any information), got are legally required by ICO guidelines and regulation to delete all data associated with that individual. By definition, this includes all posts etc that can be attributed to that individual.
Not sure if all posts must be deleted or just remove the reference to the user (as poster).
I think it's all posts only if they can be directly attributed to that user. I expect there's a case for data normalisation in terms of removing originally identifiable information
Not sure if all posts must be deleted or just remove the reference to the user (as poster).
My understanding is that personal data should be removed, including the avatar but not the contenet.
