Kordant/tasks/web-production/23-data-export-deletion.md
2026-05-26 16:06:34 -04:00

23. Data Export & Deletion Tools

meta:

  • id: web-production-23
  • feature: web-production
  • priority: P2
  • depends_on: []
  • tags: [compliance, gdpr, privacy, production]

objective:

  • Implement user-facing data export and account deletion tools to comply with GDPR and CCPA requirements

deliverables:

  • Data export API and UI (/settings/data-export)
  • Account deletion API and UI (/settings/delete-account)
  • Data retention policy enforcement
  • Deletion confirmation and grace period

steps:

  1. Create data export functionality:
    • API endpoint: POST /api/trpc/user.exportData
    • Collect all user data: profile, alerts, exposures, subscriptions, family members
    • Format as JSON or another machine-readable format
    • Include metadata: export date, data categories
    • Email download link or provide direct download
    • Complete within 30 days (GDPR requirement)
  2. Create account deletion:
    • UI in settings page with warning and confirmation
    • Require password re-entry for confirmation
    • API endpoint: POST /api/trpc/user.delete
    • Soft delete first (mark deletedAt, anonymize)
    • Hard delete after 30-day grace period
    • Cancel active subscriptions via Stripe
    • Remove from email lists
  3. Implement family data handling:
    • If family group owner: transfer ownership or delete group
    • If family member: remove from group
    • Notify family members of account deletion
  4. Add data retention policy:
    • Define retention periods per data type
    • Automated cleanup of deleted accounts after 30 days
    • Audit logs retained for 1 year
    • Backup deletion after retention period
  5. Add admin tools:
    • Admin endpoint to fulfill data export requests
    • Admin endpoint to process deletion requests
    • Audit log of all export/deletion actions
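
As an added example (not Kordant's code), the deletion lifecycle from steps 2 to 4 modelled over in-memory records: password re-entry, soft delete with family-group handling and an audit entry, restore within the grace period, and hard delete once it has passed. The `Store` shape, the SHA-256 stand-in for a real password hash, and the omission of Stripe, email and cascading table deletes are assumptions made for the example.

```typescript
import { createHash, timingSafeEqual } from "node:crypto";

export const GRACE_MS = 30 * 24 * 60 * 60 * 1000; // 30-day grace period before hard delete

type User = { id: string; email: string; displayName: string; passwordHash: string;
              deletedAt: number | null; familyGroupId: string | null };
type FamilyGroup = { id: string; ownerId: string; memberIds: string[] };
export type Store = { users: Map<string, User>; groups: Map<string, FamilyGroup>;
                      audit: { action: string; userId: string; at: number }[] };

// Demo hashing only (assumption): production code would use argon2 or bcrypt.
export const hashPassword = (p: string) => createHash("sha256").update(p).digest("hex");
const passwordMatches = (u: User, p: string) =>
  timingSafeEqual(Buffer.from(hashPassword(p), "hex"), Buffer.from(u.passwordHash, "hex"));

// Steps 2 and 3: re-entered password, soft delete, family handling, audit entry.
export function requestDeletion(s: Store, userId: string, password: string, now: number): boolean {
  const u = s.users.get(userId);
  if (!u || u.deletedAt !== null || !passwordMatches(u, password)) return false;
  const g = u.familyGroupId ? s.groups.get(u.familyGroupId) : undefined;
  if (g) {
    g.memberIds = g.memberIds.filter((m) => m !== userId);
    if (g.memberIds.length === 0) s.groups.delete(g.id);      // sole member: delete group
    else if (g.ownerId === userId) g.ownerId = g.memberIds[0]; // owner leaves: transfer ownership
  }
  u.familyGroupId = null;
  u.displayName = "Deleted user"; // anonymize profile; email is kept so a restore login still works
  u.deletedAt = now;
  s.audit.push({ action: "soft_delete", userId, at: now });
  return true;
}

// Validation step: a login inside the grace period restores the account.
export function restoreAccount(s: Store, userId: string, now: number): boolean {
  const u = s.users.get(userId);
  if (!u || u.deletedAt === null || now - u.deletedAt >= GRACE_MS) return false;
  u.deletedAt = null;
  s.audit.push({ action: "restore", userId, at: now });
  return true;
}

// Step 4: the scheduled cleanup hard-deletes every account past the grace period.
export function purgeExpired(s: Store, now: number): string[] {
  const purged: string[] = [];
  for (const [id, u] of s.users) {
    if (u.deletedAt !== null && now - u.deletedAt >= GRACE_MS) {
      s.users.delete(id); // real code cascades through all related tables here
      s.audit.push({ action: "hard_delete", userId: id, at: now });
      purged.push(id);
    }
  }
  return purged;
}
```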

tests:

  • Unit: Test export includes all user data
  • Integration: Test deletion flow end-to-end
  • Compliance: Verify grace period and hard delete

acceptance_criteria:

  • Users can export all personal data from settings
  • Export includes: profile, alerts, exposures, watchlist, subscriptions, family data
  • Export delivered within 30 seconds (async for large data)
  • Account deletion requires password confirmation
  • Deleted accounts soft-deleted immediately, hard-deleted after 30 days
  • Active subscriptions cancelled on deletion
  • Family group handled correctly (ownership transfer)
  • Deletion audit log maintained
  • Data retention policy documented and enforced

validation:

  • Export data → JSON file contains all user data
  • Delete account → user marked deleted, can log in to restore within 30 days
  • After 30 days → user data completely removed from DB
  • Check Stripe → subscription cancelled
  • Check audit log → deletion action recorded

notes:

  • Soft delete preserves referential integrity for family groups
  • Hard delete must cascade through all related tables
  • Consider GDPR Article 17 exceptions (legal obligations)
  • Backup restoration may temporarily restore deleted data