29 lines
1.1 KiB
Markdown
# Delete My Account
**ID:** EU-006
**Priority:** Medium
**Status:** Planned
## User Story
As an end user, I want to permanently delete my account and all associated data so that I can exercise my right to be forgotten (GDPR compliance).
## Acceptance Criteria
- [ ] User can request account deletion from settings
- [ ] Deletion requires password confirmation or 2FA
- [ ] User sees summary of what will be deleted
- [ ] Grace period (e.g., 30 days) before permanent deletion
- [ ] User receives email confirmation of deletion request
- [ ] User can cancel deletion during grace period
- [ ] All personal data is removed after grace period
- [ ] User is removed from all organizations they belong to
## Technical Notes
- `suspendUser` and `deleteSuspendedUser` endpoints exist in admin context
- Need user-facing self-service deletion flow
- Consider soft delete with scheduled hard delete
- Must handle organization ownership transfer if user owns orgs
- Audit log should retain anonymized record for compliance
## Related TODOs
- New feature - builds on existing suspension infrastructure