get to prod tasks
76
tasks/web-production/23-data-export-deletion.md
Normal file
@@ -0,0 +1,76 @@
# 23. Data Export & Deletion Tools

meta:
id: web-production-23
feature: web-production
priority: P2
depends_on: []
tags: [compliance, gdpr, privacy, production]

objective:
- Implement user-facing data export and account deletion tools to comply with GDPR and CCPA requirements

deliverables:
- Data export API and UI (/settings/data-export)
- Account deletion API and UI (/settings/delete-account)
- Data retention policy enforcement
- Deletion confirmation and grace period

steps:
1. Create data export functionality:
- API endpoint: POST /api/trpc/user.exportData
- Collect all user data: profile, alerts, exposures, subscriptions, family members
- Format as JSON or machine-readable format
- Include metadata: export date, data categories
- Email download link or provide direct download
- Complete within 30 days (GDPR requirement)
2. Create account deletion:
- UI in settings page with warning and confirmation
- Require password re-entry for confirmation
- API endpoint: POST /api/trpc/user.delete
- Soft delete first (mark deletedAt, anonymize)
- Hard delete after 30-day grace period
- Cancel active subscriptions via Stripe
- Remove from email lists
3. Implement family data handling:
- If family group owner: transfer ownership or delete group
- If family member: remove from group
- Notify family members of account deletion
4. Add data retention policy:
- Define retention periods per data type
- Automated cleanup of deleted accounts after 30 days
- Audit logs retained for 1 year
- Backup deletion after retention period
5. Add admin tools:
- Admin endpoint to fulfill data export requests
- Admin endpoint to process deletion requests
- Audit log of all export/deletion actions

tests:
- Unit: Test export includes all user data
- Integration: Test deletion flow end-to-end
- Compliance: Verify grace period and hard delete

acceptance_criteria:
- Users can export all personal data from settings
- Export includes: profile, alerts, exposures, watchlist, subscriptions, family data
- Export delivered within 30 seconds (async for large data)
- Account deletion requires password confirmation
- Deleted accounts soft-deleted immediately, hard-deleted after 30 days
- Active subscriptions cancelled on deletion
- Family group handled correctly (ownership transfer)
- Deletion audit log maintained
- Data retention policy documented and enforced

validation:
- Export data → JSON file contains all user data
- Delete account → user marked deleted, can login to restore within 30 days
- After 30 days → user data completely removed from DB
- Check Stripe → subscription cancelled
- Check audit log → deletion action recorded

notes:
- Soft delete preserves referential integrity for family groups
- Hard delete must cascade through all related tables
- Consider GDPR Article 17 exceptions (legal obligations)
- Backup restoration may temporarily restore deleted data
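Review bot: the soft-delete step and the validation line contradict each other: step 2 says "Soft delete first (mark deletedAt, anonymize)", but validation expects "Delete account → user marked deleted, can login to restore within 30 days". If profile and credential data are anonymized at soft-delete time there is nothing left to restore and the user cannot authenticate; either defer anonymization to the hard delete at day 30, or drop the restore path and anonymize immediately, but the spec should pick one. Two smaller points: step 1's "Complete within 30 days (GDPR requirement)" and the acceptance criterion "Export delivered within 30 seconds (async for large data)" describe different things (the legal deadline versus the UI response time) and should be labelled as such so neither gets treated as the other; and because the export bundles every category of personal data, the "Email download link" should be single-use and short-lived and should require an authenticated session to fetch the file, with the export request itself gated by the same password re-entry that step 2 already requires for deletion, since an attacker who reaches a logged-in session could otherwise exfiltrate the full profile in one request.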