I’d be happy to take care of this but first we should make sure we all agree on what to do.
Is there really a standard way of doing this? Until reading this, I thought the theoretical-maybe-never-done-in-practice standard way of doing this was hard deleting the data.
Are there some reasons for us not wanting/being able to do this? As far as I’m concerned, it would feel like the cleanest way of implementing this.
Otherwise, we’ll have to deal with default_scope: where(deleted_at: nil)
which is known to be evil, along with some user.deleted_at ? 'User deleted' : user.name
kind of tricks.
This is doable but will bring some pain in perspective.
Also I’m not a lawyer, but I know that the CNIL in France is pretty strict with what we can do with user data, and I think deletion MUST be possible and effective (at least anonymisation, this needs to be checked).
Finally, a quick note on doing myemail+deleted@gmail.com
: this would still deliver emails to myemail@gmail.com
because of the + email feature.
Comments welcome!