Gerenderde documentatie
Deze pagina rendert de Markdown en Mermaid van de module direct vanuit de publieke documentatiebron.
Overview#
The Erasure domain implements the GDPR Article 17 right-to-be-forgotten workflow. It manages the full erasure lifecycle: request submission with identity verification, legal hold checking, PII anonymisation across user records and audit events, and tamper-evident receipt generation. The system preserves audit trail integrity per GDPR Article 17(3)(e) by anonymising actor fields rather than deleting audit rows.
Key Features#
- GDPR Article 17 erasure request submission with identity verification
- Legal hold checking before erasure execution
- PII anonymisation across user records and audit events
- Tamper-evident erasure receipt generation
- Deterministic anonymisation placeholders for data consistency
- Blind index-based email lookup for subject identification
- Audit trail preservation through field anonymisation rather than row deletion
- Erasure lifecycle management (request, verification, execution, receipt)
Use Cases#
- Processing GDPR right-to-be-forgotten requests with legal hold verification
- Anonymising PII across user records while preserving audit trail integrity
- Generating tamper-evident receipts for completed erasure operations
- Managing the complete erasure lifecycle from request through verification
Integration#
Integrates with user management, audit trail, and legal hold systems for GDPR-compliant data erasure workflows.
Last Reviewed: 2026-02-24