GDPR 删除工作流
business-operations
GDPR 数据删除工作流,具有身份验证、数据清单扫描、跨系统 PII 移除、备份清除和删除确认。
完整 FlowZap 代码
DataSubject { # Data Subject
n1: circle label:"Start"
n2: rectangle label:"Submit erasure request"
n3: rectangle label:"Verify identity via email"
n4: rectangle label:"Receive confirmation"
n5: circle label:"End"
n1.handle(right) -> n2.handle(left)
n2.handle(bottom) -> DPO.n6.handle(top) [label="Request received"]
n3.handle(bottom) -> DPO.n9.handle(top) [label="Identity confirmed"]
n4.handle(right) -> n5.handle(left)
}
DPO { # Data Protection Officer
n6: rectangle label:"Log request in register"
n7: rectangle label:"Send identity verification"
n8: diamond label:"Identity verified?"
n9: rectangle label:"Approve deletion request"
n10: rectangle label:"Reject with explanation"
n6.handle(right) -> n7.handle(left)
n7.handle(top) -> DataSubject.n3.handle(bottom) [label="Verify"]
n8.handle(right) -> n9.handle(left) [label="Yes"]
n8.handle(bottom) -> n10.handle(top) [label="No"]
n9.handle(bottom) -> DataSystems.n11.handle(top) [label="Execute"]
n10.handle(top) -> DataSubject.n4.handle(bottom) [label="Denied"]
}
DataSystems { # Data Systems
n11: rectangle label:"Query all data stores"
n12: rectangle label:"Delete from primary database"
n13: rectangle label:"Remove from analytics"
n14: rectangle label:"Purge from backups"
n15: diamond label:"Third-party data shared?"
n16: rectangle label:"Send deletion requests to partners"
n17: rectangle label:"Generate deletion certificate"
n11.handle(right) -> n12.handle(left)
n12.handle(right) -> n13.handle(left)
n13.handle(right) -> n14.handle(left)
n14.handle(right) -> n15.handle(left)
n15.handle(right) -> n16.handle(left) [label="Yes"]
n15.handle(bottom) -> n17.handle(top) [label="No"]
n16.handle(bottom) -> n17.handle(left)
n17.handle(top) -> DataSubject.n4.handle(bottom) [label="Complete"]
}Quick Answer
GDPR 删除工作流 is a workflow template that gdpr "right to be forgotten" requests must be fulfilled within 30 days or face fines up to €20m.
为什么需要这个工作流?
GDPR "right to be forgotten" requests must be fulfilled within 30 days or face fines up to €20M. This workflow ensures complete PII removal across all systems with proper verification and audit trails.
工作原理
- Step 1: Deletion request is received and identity is verified.
- Step 2: Data inventory scan identifies all systems containing the user's PII.
- Step 3: PII is removed from production databases, backups, and third-party systems.
- Step 4: Backup purging is scheduled according to retention policies.
- Step 5: Deletion confirmation is sent to the user with summary of data removed.
- Step 6: Audit log is retained for compliance documentation.
替代方案
Manual GDPR deletion using spreadsheets is error-prone and slow. Privacy tools like OneTrust or BigID cost $50K+/year. This workflow helps companies visualize their data deletion process.
Key Facts
| Template Name | GDPR 删除工作流 |
| Category | business-operations |
| Steps | 6 workflow steps |
| Format | FlowZap Code (.fz file) |