GDPR

How other implement that https://www.youtube.com/watch?v=8nq43nqi9X0&t= When you source, process and use personal data than you need to implement General Data Protection Regulation

  • expiry period (retention) should be accessible. When that expires, personal data should be destroyed if there is no confirmation of that person
  • put a link in a email notification than can be used by person to correct or delete its data
  • make persons aware of how their data is being processed by adding privacy policy page to the site and link in the footer
  • show cookie consent box and show box for consent of processing their personal data

Rails

To write a test so make sure all user data is removed you can try with https://monolist.co/blog/2019/09/delightful-goodbyes-guaranteeing-deletion/