What should happen to a user's data when their account within a team is deleted?



  • In a SaaS app, users each have their own account and they're all part of a team. Let's say the SaaS is a document creation/sharing app. If a user is deleted or leaves the app, what happens to "artifacts" of them being a member of the team. Documents, even if created by them, will belong to the team, but what about things like comments? What should the UI say instead of their name?



  • The UI can say their name as long as that is legal. If the former employee has enacted a Privacy-related Rights Request such as "delete me from your systems" and isn't dead then you will need to remove their name from the system except where you are required to keep the information for legal/compliance purposes. Replace with a number to avoid ambiguity and also allow some degree of reference if an auditor needs to know who the number represents.


Log in to reply
 

Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2