-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Delete from Acoustic when deleting contact from DB #571
Comments
For MoCo versus MoFo data retention policies--the deletes are a little different; some of the specifications can be seen in this document--the document/processes are currently being circulated for feedback: https://docs.google.com/document/d/1CHE3o7ZHprNBaN-2RvgApbI_8kpanJGdQ-ALZZZSRtE/edit#heading=h.u4hbegz4rvw3 |
To be clear, this process we're describing is for the purposes of GDPR, correct? On the Acoustic side, I'll think we'll want to make sure we're using the "GDPR Erasure" endpoint, rather than any sort of "DELETE" endpoint. In fact, I can't seem to find any docs that hint at a "Delete contact" endpoint. |
Not only. Now that we have a DELETE endpoint on CTMS (#548), and since we don't have fine-grained permissions (#239), anyone that has access to the API can delete contacts. Once contacts are deleted, we lost track of them in Acoustic.
FWIW there is this beta API https://developer.goacoustic.com/acoustic-content/reference/post_authoring-v1-changes-delete |
@leplatrem It looks like that API endpoint is for Acoustic's CMS offering Content (API home), not Acoustic Campaign. I did just find this though -- the XML API has a RemoveContact endpoint, which sounds like what we want. |
Currently, the Solution 3: Redesign sync queueWe could redesign the Solution 4: add some new
|
As for mofo_relevant=true contacts; there does require some data hygiene finesse. We'll need some way to determine which contacts have donated within 4 years--within 4 years donation data can't be fully deleted. (4years is the requirement currently, but the ability to modify this was a desire.) Getting the donation data, I imagine that's going to require a call to a MoFo Service (possibly SFNP)? I think it could be time to rethink the background "job" for something more standard, be it just an external service or a DAG. Aside: |
Currently, there's absolutely no finesse :) We are trying to find a solution to make sure contacts deleted from CTMS are also deleted from Acoustic.
Why not, but this is orthogonal to this issue, and would have to be detailed in an ADR or blueprint doc first IMO
What do you mean with provide the queries as APIs ?
I like that idea! It's pretty simple to implement and give us some leverage to retry etc. |
Currently, the GDPR requests to delete contacts are handled in at least two different steps. One for the DB (see #240), and another for Acoustic.
Deleting the recipients from Acoustic from the
DELETE /ctms/email
endpoint is not trivial using the current code/architecture, since Acoustic is only accessed from the sync job.But, since anyone with a token can issue a DELETE request (#239), outside the GDPR process, we could easily end up in a situation where contacts are soft deleted from CTMS but remain in Acoustic. Plus, there does not seem to be easy way to compare the two databases (#565).
We need to find a solution to solve deletions.
solution 1: soft-delete #60
Instead of full delete as done in #548, we implement #60.
A contact will become deleted from the DB after the following steps:
DELETE /ctms/{email_id}
deleted
flag is set on contact, and contact is marked as "pending sync"solution 2: delete from Acoustic from delete endpoint
This solution would consist in moving some of the Acoustic code from the sync command to the Web app, so that a synchronous call to Acoustic could be made within the request/response cycle on the DELETE endpoint.
AFAIU the Web app does not have all env vars necessary to initialize the Acoustic client, like the sync job does.
solution 3: _____
The text was updated successfully, but these errors were encountered: