Ask HN: How does GPDR compliance deal with data backups and archives? - taariqlewis
======
ocdtrekkie
You should specify in your policy how long deleted data will remain in
backups, and for that length of time, you should retain a list of accounts
requesting deletion, so that in the event of a restore, you can re-delete data
before restored data goes back into production use.

~~~
taariqlewis
Thank you! This was very helpful!

~~~
ocdtrekkie
As an example, Google Cloud has granted itself up to 180 days to ensure
customer deleted data is fully purged: [https://cloud.google.com/terms/data-
processing-terms#6-data-...](https://cloud.google.com/terms/data-processing-
terms#6-data-deletion) so as long as it isn't crazy, you are probably safe as
long as the right design is in place to ensure deleted data doesn't get
accidentally restored.

With regards to keeping a list of deleted users for your retention window to
re-delete, another suggestion if it's not super difficult to implement
(depends on your databases, I suppose), is it is even better if your list of
deleted users to remember to delete if you restore a backup is using like a
record ID instead of an email address, for instance, if possible.

The less personal information you retain for the least amount of time after
someone requests deletion, the better. But backups are an obvious business
need, and GDPR is cognizant of that. You just need to remember that everything
you do with user data should be transparent and should have a justifiable
reason for doing it.

------
xKEV1O89sJXhZbu
Are you talking about personal data belonging to EU subjects that is contained
in backups and archives?

~~~
taariqlewis
Yes. We were wondering about our exposure to personal data that is contained
in backups and archives.

