Skip to main content

Hi, 

In order to conform with GDPR, when a user deletes his account, should we also delete the data populated in Firestore by the RevenueCat extension i.e data populated in the “events” and “customers” collections?

For instance, I could easily delete “/customers/{app_user_ids}” documents but it gets tricky when I need to delete “/customers/{$RCAnonymousIDS}” documents because I would need to do a search in all these documents to target the ones that contain an “alias” to the app_user_id in question. Similarly, I would need to do the same for the “events” collection and i was wondering if I could avoid doing that and just not delete any of the data in “customers” and “events” collections and still comply with GDPR, could you please clarify?

 

Br, 
Nader

If you delete the user from RevenueCat in response to a GDPR delete request, you should probably delete that data from Firestore. The same goes for events. Please see here for RevenueCat’s policy on GDPR: https://www.revenuecat.com/gdpr/
 

For instance, I could easily delete “/customers/{app_user_ids}” documents but it gets tricky when I need to delete “/customers/{$RCAnonymousIDS}” documents because I would need to do a search in all these documents to target the ones that contain an “alias” to the app_user_id in question.

 Unfortunately I don’t know if there’s an easier way to look them up.


Reply