Deactivate or delete user access?
I am working on a project using Django
. After struggling on how to remove user
from mine database
, I found this information .
is_active Boolean. Indicates whether this user account should be considered active. We recommend that you set this flag to False instead of deleting accounts; That way, if your applications have any foreign keys for users, the foreign keys won't break.
After reading this, it makes sense to me as a developer, my job is even easier. But I was wondering how the user would feel if he knew that the data obtained by using it was not actually deleted, but only deactivated. As a developer, can I warn my user that his / her data will not actually be deleted in order to avoid any legal problem?
source to share
From a programming point of view, there are many options:
- You can change all important data like email, names, etc. to whatever you want (again, this depends on related data, for example, if it's family photos, it won't do any good).
- You can have something like an "anonymous" account or a "remote user" and track down to change the IDs of all links to that account (again, there are issues that may be affected depending on the specific data).
- Ultimately, you can actually delete the user as soon as you review all your relationships again and decide what to do with them if the user is deleted.
Documentation guidelines are good for specific cases, but you should decide for yourself based on your specific case and requirements.
From a legal point of view, I'm not an expert, but I think this is a huge issue that is dealt with differently in different countries, but in the end I believe that there is an ethical obligation to let your users know at least what do you do with their data.
source to share