Deletable Addresses for GDPR Compliance #19

@fthobe

Description

Concerns open PR: #3852 #3234 solidus_braintree #226

The EU says clearly that personal data needs to be deleted upon customer request.

I do not see right now how we can make the address situation fit with that.

In Europe, if the address is not needed for fiscal reasons, there's no reason to store it.

This means in Europe we need a solution to:

  • Delete an address after 10 + 1 years (in some countries it might even be less) for an address used within an order if, and only if, the address was used for a fiscal receipt created here (invoices are not included);
  • Delete an address immediately upon customer request if the address was not used on a fiscal receipt;
  • If an address reaches the age of consented storage (which can also be indefinitely if the privacy terms of a website are written accordingly) if not requested by a user earlier.

I don't see how to avoid that to comply with European regulations.

Solidus Version:
All

Metadata

Labels: enhancement (New feature or request)

Status: Backlog