Solved

GDPR: should the customer history populated from the Firebase integration be deleted?

  • 26 May 2023
  • 1 reply
  • 41 views

Badge +2

Hi, 

In order to conform with GDPR, when a user deletes his account, should we also delete the data populated in Firestore by the RevenueCat extension i.e data populated in the “events” and “customers” collections?

For instance, I could easily delete “/customers/{app_user_ids}” documents but it gets tricky when I need to delete “/customers/{$RCAnonymousIDS}” documents because I would need to do a search in all these documents to target the ones that contain an “alias” to the app_user_id in question. Similarly, I would need to do the same for the “events” collection and i was wondering if I could avoid doing that and just not delete any of the data in “customers” and “events” collections and still comply with GDPR, could you please clarify?

 

Br, 
Nader

icon

Best answer by Haley Pace 31 May 2023, 23:43

View original

1 reply

Userlevel 4
Badge +8

If you delete the user from RevenueCat in response to a GDPR delete request, you should probably delete that data from Firestore. The same goes for events. Please see here for RevenueCat’s policy on GDPR: https://www.revenuecat.com/gdpr/
 

For instance, I could easily delete “/customers/{app_user_ids}” documents but it gets tricky when I need to delete “/customers/{$RCAnonymousIDS}” documents because I would need to do a search in all these documents to target the ones that contain an “alias” to the app_user_id in question.

 Unfortunately I don’t know if there’s an easier way to look them up.

Reply