Right to erasure / deletion request process

Description

Right-to-erasure (right-to-be-forgotten under GDPR Article 17, with parallels in CCPA, LGPD, and most modern privacy statutes) is the obligation to delete a data subject's personal data on request, across primary stores, backups, search indexes, replicas, and processor systems, within a fixed regulatory window (typically 30 days, extendable in narrow circumstances). The operational system has three layers that have to line up: the intake that verifies the request and identifies the subject across product accounts, the deletion fan-out that reaches every store the data has propagated to (most products discover at this point that the data inventory was incomplete), and the audit log that documents what was deleted, when, and from where. Backups are the recurring sticking point; most regulators have accepted a documented policy that says backups are deleted on rotation rather than expecting forensic deletion from cold storage, but the policy has to actually exist and the rotation has to actually happen. The hardest part operationally is usually not the primary delete; it is finding everywhere the data went after collection.

Required by (3 regulations)

• GDPR

  Article 17 — right to erasure ("right to be forgotten").

  Regulation (EU) 2016/679 of the European Parliament and of the Council

• CCPA/CPRA

  CCPA §1798.105 — right to deletion.

  Cal. Civ. Code §§1798.100-1798.199.100; 11 CCR §7000-7102

• LGPD

  Article 18 § VI — deletion of unnecessary or excessive data.

  Lei nº 13.709, de 14 de agosto de 2018 (as amended by Lei nº 13.853/2019 and Emenda Constitucional nº 115/2022)

Fulfilled by (3)

• transcend · full · medium effort · $$
• onetrust · partial · medium effort · $$
• In-house build · high effort

ClearLaunch does not accept payment from vendors. Methodology.

Evidence formats

• deletion runbook
• deletion logs
• processor passthrough confirmations
• backup-rotation policy