LogoLogo
  • Planet 4
  • Development
    • Contribute
    • Installation
    • Git Guidelines
    • Coding Standards
    • Continuous Delivery
  • CI/CD
    • Test Instances
    • Deployment
    • Testing
      • End-to-end Tests
      • Visual Regression Tests
  • NRO Customization
    • Development
      • Using Child Themes
      • Package Registry
      • Plugins
    • Testing
      • Visual Regression Tests
    • Deployment
      • Production
      • DB/Media Sync
  • Infrastructure
    • NRO Generation
    • ElasticSearch
    • Cloudflare
  • Recipes
    • Maintenance page
    • Production sync
    • Running commands
  • Platform
    • Practices
    • ADRs
      • [ADR-0001] Use Gitbook for Technical Documentation
      • [ADR-0002] P3 Archive elastic search integration
      • [ADR-0003] WYSIWYG Blocks Architecture
      • [ADR-0004] Switch to Monorepo
      • [ADR-0006] Define scope for deployment environments
      • [ADR-0008] PSR-4 Autoloading Standard
      • [ADR-0009] Include Media Library in master theme
      • [ADR-0011] PHP Coding Standards
      • [ADR-0012] Use custom SCSS syntax for variables
      • [ADR-0013] Choose a ticketing system
      • [ADR-0014] Choose a testing framework
      • [ADR-0015] Use block templates to build block patterns
      • [ADR-0016] Form Builder data retention policy
      • [ADR-0017] Move blocks into the theme
    • Changelog
      • 2024
      • 2023
      • 2022
      • 2021
      • 2020
      • 2019
      • 2018
  • Tech
    • Wordpress
    • Blocks
    • Plugins
    • Hooks
    • Data migrations
    • CSS variables
Powered by GitBook
On this page
  • Context and Problem Statement
  • Decision Outcome
  • Links
Edit on GitHub
  1. Platform
  2. ADRs

[ADR-0016] Form Builder data retention policy

Enforce a 3 months retention policy. Enable personal data safeguards.

Previous[ADR-0015] Use block templates to build block patternsNext[ADR-0017] Move blocks into the theme

Last updated 5 months ago

  • Status: accepted

  • Deciders: Development, Product

Technical Story: We want to avoid storing supporters’ personal data into the websites’ databases. Instead data should be stored into relevant external systems (Hubspot, Salesforce, etc) where applicable.

Context and Problem Statement

Most of the Form types (as ) are already integrating into external systems. But not all of them do (eg. Quiz). For the ones that don’t we need to identify what’s a reasonable policy for NRO admins to have the time to decide the extent of data they want to keep but also have the time to export them. But even for the forms that send data to other systems (eg. Petitions) we need a failsafe to make sure data is actually sent over before deletion.

At the same time we should aim for respecting GDPR requirements for the period of time these data remain on websites’ databases.

Decision Outcome

Data retention

Enforce a 90 days retention policy. All submission entries will be automatically deleted after point. It would be up to NRO admins to export any submission data that are not synced to another external system if they wish to.

Integrate into Wordpress export/delete tools

This is useful in cases where an NRO gets a request by a supporter to delete or export personal data.

Minimize personal data footprint

Don’t store IP addresses on form submissions.

Links

Data Flows Miro board
identified