Vulnerability in EPiServer.Forms
We are doing some clean up on our local developer environments and that requires us to delete users/customers/profiles the whole lot.
How do I thoroughly delete every trace of a user/customer/profile?
There are possibly many places DB/BLOBS/Log Files, where customer details can will be going. Better to evaluate first where customer's data can go and then take actions accordingly.
Option 1: If its dev only, the cleanest and safest approach could be set up a new DB and import only the cms/commerce contents that requires
Option 2: Write up some schedule jobs that could do for you in all the environments. (To delete customers, you will have to delete orders etc also)
Thanks for your input.
I'm gonna go with option 1 since it is only for the devs.
If dev DB is based on prod data and contains customer's actual data than Orders will contain shipping/billing addresses, email and maybe phone also (Requires to process the order but not require to develop). But you are right, some GDPR Expert can advise better.