Clean up dead user accounts for GDPR compliance
muety opened this issue · comments
Automatically delete users who don't have any data and didn't log in within a year. Additionally (perhaps in a second step), send out deletion notices to users who do have data, but didn't log in within a year and also delete them after some grace period.
Only implemented clean up for inactive users (>= 12 months by default) who don't have data. Didn't implement deletion of users with data, yet.
hmmm idk about the auto-deletion of inactive users, does not sound good. especially for self-hosted instances. maybe could be an opt-in via ENV var or something, instead of opt-out?
Fair point, will change this with the next release.
Actually, I found a bug with the latest release. Please do not set WAKAPI_MAX_INACTIVE_MONTHS
to -1
. Will push a fix in a second.
@muety any reason why you've made this opt-out instead of opt-in? again, since many people will want to self-host, this is an easy thing to miss and could end up being really annoying..
thanks
It's opt-out (default value is -1), only forgot to update README.
sweet, thanks