Right to be forgotten

Subtitle

Right to be forgotten
On May 25th, 2018, the General Data Protection Regulation (GDPR) came into effect in the EU, opening a new era of data protection and privacy for everyone. It aims to harmonize and modernize existing privacy legislation, and to give individuals more control on their personal data. A Therp customer, Human Company, came with an interesting question related to the new regulation. They asess and test employees which have resonsible tasks in healthcare, transport, public security and industry. Sometimes candidates request to be completly removed from the database, not only their name, address, birthday and testresults, but also every trace they exsisted at all. In that case they want their eventual mails, issues and messages in the chatter, login, their relation with their employer and everything else anonymised too. On first sight that doesn't look to complicated but if you know how Odoo is organised, and for that matter most of the other advanced software for business processes, you know it's a cumbersome and time-consuming task if posible at all to perform via the interface. Manually you can change most of the personal data of the person in question, which will carry through many places in your Odoo database, and delete attachments. As administrator you can delete mails, logins,