In the context of data protection, ensuring a transparent handling of personal data is becoming increasingly important. The deletion request plays a significant role here, especially when applicants demand the immediate deletion of their data in accordance with Article 17 of the GDPR.

Why manual deletion is important

In cases of deletion requests, you should not use the automatic deletion routine. This routine is tied to time-based rules and may result in too many days passing between the deletion request and the actual deletion. Applicants could interpret this as a violation of the GDPR and take legal action.

Instead, it is necessary to perform the deletion manually to immediately remove the data from the system.

Step-by-step guide

1. Create an application status

Create a new application status to mark deletion requests:

• Display name: For example, "Deletion Request"
• Automatic deletion: No
• Final status: Yes
• Mandatory correspondence: Yes

2. Create a correspondence template

Create a template for the deletion request confirmation:

• Name: For example, "Deletion Confirmation"
• Available for: Status change
• Status: The status created in Step 1
• Subject (suggestion): Your data deletion request
• Content (suggestion):

  Your personal data, which we received as part of your application, is now being deleted. We will no longer have access to it. After an additional 30 days, your personal data will also be permanently deleted from all backups.

3. Set up status transitions

Create status transitions from all existing statuses to the new application status. This ensures that the data deletion request can be handled at any process step.

4. Manually delete the application

Perform the deletion manually:

• Go to Manually delete application
• Select the option "Delete application and personal data".