cancel
Showing results for 
Search instead for 
Did you mean: 

Preserve Subscription Details After User Deletion

Eldhos
Participant
0 Kudos
289

Hi Team,

I have a Scenario as mentioned below.

1. User Will do a Subscription email A@B.COM.

2. User Will Register with Same email : A@B.COM.

3. Customer will delete their account .

After Delete, Subscription data & Subscription consents will be preserved in CDC.. How can we achive it?

How to Withdraw Privacy/Terms Of Use Consent Via API/Screenset?

How can we achieve it?

Accepted Solutions (0)

Answers (1)

Answers (1)

olehi941
Active Participant
0 Kudos

Hi eldhos,

To get this information you should call audit.search API with the query parameter.

Please refer to this documentation(Searching Consent Records Using APIs) and you will find everything that you need.

But in two words: you should use in the WHERE clause the following condition to get all the Consents based on different actions, like
action = "Granted"
action = "Withdrew"
action = "RightToBeForgotten"(user was deleted)

You also can use other attributes, like: @timestamp, uid, path, etc.. to filter what you expect to get.

Hope it helped. Otherwise, we can discuss more cases in the comments below.

Eldhos
Participant
0 Kudos

HI Oleh,

It is not about getting the consent information, But It is all about revoking/ Withdraw Privacy/Terms Of Use Consent Via API/Screenset .

Kindly Help me

olehi941
Active Participant
0 Kudos

Hi eldhos,

Looks like we misunderstood each other, let's align on that.

"After Delete, Subscription data & Subscription consents will be preserved in CDC.. How can we achive it?"
Here I thought that you need to have the capability to retrieve from DB subscriptions that were deleted. If no - please describe deeply what you expect?

On the second I haven't answered, because:
1) I thought that you need the same
2) When the user is deleting, all Consents are withdrawn automatically.

But let's follow the second question:
"How to Withdraw Privacy/Terms Of Use Consent Via API/Screenset? How can we achieve it?"

So, we follow your case:

1. User Will do a Subscription email A@B.COM.
2. User Will Register with Same email : A@B.COM.
3. Customer will delete their account .

And did I get you in the right way? After deletion, you want to withdraw Privacy/Terms of Use. And my question here is: why do you need to do it?(it's happening automatically after deletion after CDC).

Example: I've registered the user with PP, ToS and one subscription. Right after that, I've deleted the user.

When the user was created -> Privacy Policy, Terms of Service and Communication Consent(subscription) have been Granted.
When the user was deleted -> Privacy Policy, Terms of Service and Communication Consent(subscription) have been Withdrawn + we have got an additional log that the user was Deleted(Right to be forgotten).

So we don't need to do efforts to revoke Consent, it's done automatically by the CDC when the user has been deleted.
Please let me know if I got your point now and answered. If now - please provide additional comments.
Thanks.

Eldhos
Participant
0 Kudos

Hi Oleh,

Sorry for the confusion. Let's say

Note: Same User is shared between 2 sites ( Site 1 = P, Site 2= Q) under the same parent site

1. User Will do a Subscription with email A@B.COM In both Sites P & Q

2. User Will Register with the Same email : A@B.COM in Site P. Later He may accept the consent of Site Q.

3. Customer will delete their account from Storefront (Site P).

Step 3, Customer expects either of below:

1. Keep the user info if he has accepted the Consent(Privacy/Terms Of Use ) of Site Q and Withdraw the consent (Privacy/Terms Of Use ) of Site P and keep user information as is.

2. If User has only accepted the consent(Privacy/Terms Of Use ) of Site P, Then Delete the customer information and retain only the lite account with subscription data.

Regards,

Eldhos

olehi941
Active Participant

Hi eldhos,

1. You cannot do it in that way. l leave the link to full documentation, just some context below:
"two types of statements, terms of service and privacy policy, are mandatory for users to complete their registration. This means that users attempting to register to your site have to willingly agree to any active terms and policies that apply to that site (isConsentGranted has to be true for the user to complete registration). In addition, users cannot withdraw this consent and remain registered to your site. If a user wishes to withdraw their consent, they should be deleted from your site. If that user tries to register again to your site, they will go through the registration process like a new user".

2. Let's start from that(mentioned in step 1), you cannot withdraw already accepted PP or ToS and remain registered on the site.
And as I see in the designs, you cannot split/remove the "full" part from "lite" once they merged. You can delete the fields that you need, but it will be still:
"hasLiteAccount": true
"hasFullAccount": true
I see only one workaround: save values -> delete the user fully -> recreate as a lite(with all needed fields).
Hope it helped. If any questions, please go ahead.

Eldhos
Participant
0 Kudos

It Helps Oleh. Even I reached the same conclusion. But Creating lite register user wont be good approach as there is a possibility of consent version change in between

olehi941
Active Participant

Hi eldhos, I have some updates for you below:

1) "I reached the same conclusion. But Creating lite register user wont be good approach as there is a possibility of consent version change in between".

But it is related only to this case: "If User has only accepted the consent(Privacy/Terms Of Use) of Site P, Then Delete the customer information and retain only the lite account with subscription data".

At this stage, you mentioned, you don't need to keep any Consents, only lite account with subscription data.

So, you can re-create a lite account and set lastUpdatedSubscriptionState as it was for the specific user. Do you need the Consents(Privacy Policy and Terms of Service) for lite?

2) "Keep the user info if he has accepted the Consent(Privacy/Terms Of Use) of Site Q and Withdraw the consent (Privacy/Terms Of Use) of Site P and keep user information as is."

I reviewed the documentation and found the next API(accounts.resetSitePreferences REST😞 "method is used to reset the preferences (consent statement status) of a registered site user, on a child site in a site group, for all the consent statements including any mandatory consent statements to which they have agreed. Note that this will reset only consent statements that are unique to the site, i.e. will not affect statements that are active in other sites of the group"

Looks like it can work for you in your case, doesn't it?

Hope it helped. If any questions, please go ahead.

Eldhos
Participant

Hi Oleh, It helps