Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-62830

User deletion not GDPR compliant : personal data not deleted (lastip)

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Not a bug
    • Affects Version/s: 3.2.9, 3.3.6, 3.4.3, 3.5
    • Fix Version/s: None
    • Component/s: Privacy

      Description

      When deleting a user from user interface (probably for web-service also) not all the personal data is deleted or scrambled. (example lastip, phone, address ...). This is not GDPR compliant.

      Steps to reproduce:

      1) create a user with personal data like phone, address, url

      2) login as that user - lastip will be stored

      3) delete the user

      4) email and username are scrambled, but the other personal data is still there. 

      Regards

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            dman2 Dorel Manolescu
            Participants:
            Component watchers:
            Andrew Nicols, Dongsheng Cai, Huong Nguyen, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: