LiveStatus
Feature

GDPR and CCPA-compliant soft-delete

Deleting an account now triggers a 30-day soft-delete retention window. Data is purged automatically after the grace period, meeting GDPR and CCPA requirements.

When a user deletes their account, we no longer hard-delete rows immediately. Instead, records are flagged as deleted and hidden from all queries. A nightly cron job permanently purges anything older than 30 days.

During the grace period, users can contact support to restore their account and all associated data. After 30 days the purge is irreversible.

This applies to all user-owned data: organizations, status pages, services, incidents, subscribers, and billing records. Audit logs are retained separately per our data-retention policy.

The implementation adds a deletedAt timestamp to every relevant model and a global Prisma middleware that automatically filters soft-deleted rows from all reads.
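
The read filter and purge cutoff described above, as an added example rather than LiveStatus's own code. The model names are assumed from the data types listed in this entry, the function names are hypothetical, and the middleware has the `(params, next)` shape that Prisma's `$use` accepts.

```javascript
// Added example, not LiveStatus code. Model names are assumptions; audit logs
// are left out because the entry says they are retained separately.
const SOFT_DELETE_MODELS = new Set(['User', 'Organization', 'StatusPage',
  'Service', 'Incident', 'Subscriber', 'BillingRecord']);
const READ_ACTIONS = new Set(['findUnique', 'findUniqueOrThrow', 'findFirst',
  'findFirstOrThrow', 'findMany', 'count', 'aggregate', 'groupBy']);
const RETENTION_DAYS = 30;

// Rewrite one middleware `params` object so the read cannot see soft-deleted
// rows. Returns a new object; non-read actions and other models pass through.
function scopeRead(params) {
  if (!SOFT_DELETE_MODELS.has(params.model) || !READ_ACTIONS.has(params.action)) {
    return params;
  }
  const args = { ...(params.args || {}) };
  let action = params.action;
  // findUnique only accepts unique fields in `where`, so it is downgraded to
  // findFirst to make room for the extra deletedAt condition.
  if (action === 'findUnique') action = 'findFirst';
  if (action === 'findUniqueOrThrow') action = 'findFirstOrThrow';
  // AND-wrap rather than spread: a caller-supplied `deletedAt` or `OR` clause
  // is combined with the filter and cannot replace it.
  args.where = { AND: [{ deletedAt: null }, args.where || {}] };
  return { ...params, action, args };
}

// Register once on the client: prisma.$use(softDeleteReads)
async function softDeleteReads(params, next) {
  return next(scopeRead(params));
}

// Nightly purge: a row qualifies once its deletedAt is older than 30 days.
function purgeCutoff(now) {
  return new Date(now.getTime() - RETENTION_DAYS * 24 * 60 * 60 * 1000);
}
function isPurgeable(row, now) {
  return row.deletedAt !== null && row.deletedAt < purgeCutoff(now);
}
```

The middleware only sees the top-level model of a query, so rows pulled in through `include` or a nested `select` need their own `deletedAt: null` condition.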