-
Suggestion
-
Resolution: Unresolved
-
12
-
Personal data can be cleared out by deleting an Atlassian Account. At the moment, this is a manual operation that needs to be carried out by organization administrators.
Suggestion : Allow to delete accounts automatically based on deactivation time (ie. x years).
[ACCESS-1274] Automatic account deletion base on time
This is a much needed feature (IMHO) as we per GDPR are requires to delete personal information after a certain periode (e.g. the 12 month) after the accounts was deleted by the IdP.
As it is currently we need to manually delete these deleted accounts.
It would be nice to delete Users automatically after they got deleted in the synced Source-IDP like azure
rmacalinao I believe this issue belongs to a different component. I've changed it and hopefully it gets routed to the right team.
rmacalinao Looking at this page https://hello.atlassian.net/wiki/spaces/JALNKB/pages/1591574514/SOP+-+Handling+GDPR+requests+including+the+right+to+be+forgotten , looks like customers can use the following link to request for deletion of personal data https://www.atlassian.com/trust/privacy/gdpr/request-delete-personal-data
Totally agree. We ought to be able to have a Managed User Deletion Policy which would delete deactivated users (that would have auto deactivated via SCIM) to delete these users X years after their deactivation. That would allow the user name to still be visible in the applications for a reasonable period of time while it is still helpful to the business (recent Jira issues, approvals, audit record type things) but to then remove them.
Followon Application behavior should be defined to occur based on ownership (Jira dashboards/queries, Confluence personal spaces, etc). Some behavior there to address things owned by deactivated users would help to ensure new owners are found before the eventual account deletion.