GDPR Compliance #197

Wulfheart · 2021-02-01T15:04:00Z

Wulfheart
Feb 1, 2021

According to the GDPR an user has the right to be forgotten. When I’m using event sourcing it is as far as I know not possible to delete previous events with personal data.
Do you have an idea how I could use event sourcing and make it GDPR-compliant?

dilab · 2021-04-29T07:57:19Z

dilab
Apr 29, 2021

You could store references of the object that is GDPR sensitive.

0 replies

antal-levente · 2021-06-14T06:29:53Z

antal-levente
Jun 14, 2021

OR encrypt the personal data and delete the key on request. Like this the data remains there anonymously and still can be replayed.

1 reply

Wulfheart Jul 25, 2021
Author

Thanks for your response. Encrypting the data directly in the event store may allow attackers to decrypt in the future, therefore I wouldn't use it.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GDPR Compliance #197

{{title}}

Replies: 2 comments 1 reply

{{title}}

{{title}}

{{title}}

Select a reply

GDPR Compliance #197

Wulfheart Feb 1, 2021

Replies: 2 comments · 1 reply

dilab Apr 29, 2021

antal-levente Jun 14, 2021

Wulfheart Jul 25, 2021 Author

Wulfheart
Feb 1, 2021

Replies: 2 comments 1 reply

dilab
Apr 29, 2021

antal-levente
Jun 14, 2021

Wulfheart Jul 25, 2021
Author