GDPR “soft-delete” period for Aurora

As part of our support for GDPR, we have provided for a soft-delete period for all member account deletions. During this period of time, you can undo an account deletion and restore the deleted account. To request an account restore, open a Support ticket and include the user ID of the account you want restored.

This soft-delete window provides a built-in safety feature to handle any accidental or malicious deletes. After the soft-delete window (default is set to 10 days) has passed, deleted accounts cannot be recovered.

During the soft-delete period, the username is reserved and cannot be used when creating a new account. After the soft-delete period elapses, the deleted username is made available again for new members.

Note: This 10-day period is subsumed in 30-day SLA for user deletes.

Note: When querying for the number of deleted accounts via the API, the response does not include any accounts in a soft-delete state, only accounts that have been hard deleted.

The soft-delete period set to 10 days by default but is configurable. The recommended maximum value is 10 days so as to not risk the GDPR-mandated 30-day SLA for account deletions. To request a change to the default value of 10 days, open a Support ticket.

No action is required on your part to activate this feature and use the default configuration.