Propose new features

Designing Decidim together

Phase 1 of 1

Open 01/01/2019 - 31/12/2030

Process phases Submit a proposal

Back to list

GDPR - Right to be forgotten - Ability for admins to delete user accounts

Antti Hukkanen

25/02/2021 11:06

**Is your feature request related to a problem? Please describe.**

GDPR gives users the right to be forgotten. Decidim provides a functionality for the users to delete their own account. However, we have several people who are less digitally native to be able to delete their account themselves. Therefore, some users send these requests by email after finding out their Decidim profile from a Google search.

**Describe the solution you'd like**

In the participants management admin panel, add the ability for admins to delete individual user accounts.

**Describe alternatives you've considered**

Right now it is possible to manually delete the account by signing into the server and performing the technical task there. But this is not possible for the admins who are managing the instance and need to answer these user requests in order to follow the EU regulations (GDPR).

**Additional context**

This is an actual admin user request that we have received from 3 separate cities so far.

This is also something the cities are enforced to do by law. If they cannot remove the user account based on user requests, they are not following the EU regulations which may lead to fines.

**Does this issue could impact on users private data?**

Yes, this has positive impact on users' private data, being able to delete their data based on their requests.

**Funded by**

No funding available (yet).