Add GDPR logics

[jensneuhaus]

☝️What is it? Why do we need it?

Inactive account handling

Delete an account with some informations to him, when the user was inactive for too long

User deletes his account

The user decides to delete his account, we keep it for a few days

Send all existing user informations to email

The user can ask to send all data

📋 Todos

• [x] Have all logics in an folder gdpr
• [x] Use env GDPR_ADMINISTRATOR_EMAIL, default None
• [x] Use env GDPR_SUPPORT_EMAIL, default is GDPR_ADMINISTRATOR_EMAIL
• [x] Implement a daily_tasks command
• [x] Inactive Account handling
  • [x] Use env INACTIVE_ACCOUNT_DELETION_IN_WEEKS, default 52
  • [x] Make sure INACTIVE_ACCOUNT_DELETION_IN_WEEKS can be None - then there is no such logic
  • [x] Use env INACTIVE_ACCOUNT_WARNING_IN_WEEKS, default = 1,4 (it means, we remind 1 week and 4 week before it ends)
  • [x] Use env INACTIVE_ACCOUNT_DELETION_BCC_EMAIL, default GDPR_ADMINISTRATOR_EMAIL, do not send an BCC email if None
  • [x] Use env INACTIVE_ACCOUNT_WARNING_BCC_EMAIL, default GDPR_ADMINISTRATOR_EMAIL, do not send an BCC email if None
  • [x] Have some basic checks, that the ENV are correct. E.g. 52 + Warning 54makes no sense.. or if it is set to None
  • [x] send_warning_about_upcoming_account_deletion Email (use BCC!)
  • [x] send_warning_about_upcoming_account_deletion handling as part of daily_tasks command; use BCC mail
  • [x] send_inactive_account_was_deleted_email Email (use BCC!)
  • [x] send_inactive_account_was_deleted_email handling as part of daily_tasks command; use BCC mail
• [x] User deletes his Account handling
  • [x] Make sure the API works correctly, probably DELETE /users/me?
  • [x] Soft delete the user, e.g. marking it is_deleted
  • [x] Use env ACCOUNT_DELETION_RETENTION_IN_DAYS, default 7; if set to 0 the Account is deleted right away
  • [x] Use env ACCOUNT_SCHEDULED_FOR_DELETION_BCC_EMAIL, default GDPR_ADMINISTRATOR_EMAIL, do not send an BCC email if None
  • [x] Use env ACCOUNT_DELETED_BCC_EMAIL, default GDPR_ADMINISTRATOR_EMAIL, do not send an BCC email if None
  • [x] send_account_scheduled_for_deletion_email Email (if not 0 days of retention)
  • [x] send_account_scheduled_for_deletion_email handling as part of daily_tasks command; use BCC mail
  • [x] send_account_was_deleted_email Email
  • [x] send_account_was_deleted_email handling as part of daily_tasks command; use BCC mail
  • [x] Make sure, the account is reactivated, when the User logs back in; send send_account_was_recovered_email Email then

[jensneuhaus]

Here is an update on the Account info:

User wants to access all his account data

• [x] Add the user account_info_link / last_account_info_created to the User model
• [x] Only create the link, If ENV ACCOUNT_INFO_AUTOMATED=True (True is default) - if False, only the email is sent
• [x] User wants all his account data / clicks on button in Frontend
  • [x] Make sure the API works correctly for POST /users/me/account_data
  • [x] Use env ACCOUNT_INFO_ASKED_FOR_EMAIL, default GDPR_ADMINISTRATOR_EMAIL - send an email send_account_info_asked_for_email if it is not None
  • [x] Create a account_info_link hash (64 chars or longer)
  • [x] send an email account_info_is_ready to the User
  • [x] send_account_info handling as part of daily_tasks command
  • [x] For all Users with account_info_link != None and no last_account_info_created datetime > ACCOUNT_INFO_LINK_AVAILABILITY_IN_DAYS, delete the account_info_link
• [x] User opens the frontend page to access his informations - make sure the API works correctly for GET /users/me/account_data/<account_info_link>
  • [ ] Discuss the best structure for this API with @Ancinek
  • [x] Check if we an account_info_link hash like this
  • [x] Use Django setting ACCOUNT_INFO_HANDLER for collect the data, default is our handler 'gdpr.utils.account_info_handler'
  • [x] Have a default info collector working similar as https://github.com/jpadilla/django-rest-framework-jwt/blob/0a0bd402ec21fd6b9a5f715d114411836fbb2923/rest_framework_jwt/utils.py#L32
  • [x] In the beginning the handler should output all user data (name, email, username, last login, etc.)

Example email

Hello Jens,

thanks for your interest in the data . You can access your report here:
<PUBLIC_URL>/account-data/<account_info_link>/

For security reasons it will be deleted after <ACCOUNT_INFO_LINK_AVAILABILITY_IN_DAYS>. 

Fore more infos and any questions related to your privacy please write to <GDPR_SUPPORT_EMAIL >

[vladborisov182]

@jensneuhaus I didn't find anything about bcc in a Saasy documentation. May I ask you to tell how it works in the Saasy? At the moment I'm just sending two letters: one to the user, and the second to the admin

[jensneuhaus]

Can you please create an Issue for this in saasy (if access) and also one on the Boilerplate repo with a link to the Code lines which need to change, if we have BCC working?Am 13.02.2020 15:30 schrieb Vladislav Borisov notifications@github.com:@jensneuhaus I didn't find anything about bcc in a Saasy documentation. May I ask you to tell how it works in the Saasy? At the moment I'm just sending two letters: one to the user, and the second to the admin

—You are receiving this because you were mentioned.Reply to this email directly, view it on GitHub, or unsubscribe.