Hello, I have some questions about implementing GDPR compliance in Kafka.
In our situation we have the requirement of removing personal data from in coordination with multiple systems. The idea is having a central "coordinator system" which triggers the deletion process for the individual systems in a specific, controlled sequence which takes into account the various system inter-dependencies and data flows. This means e.g. system nr. 2 will receive the delete order only after system nr. 1 has reported that it's done with the deletion on its side (and so forth). One of the systems in question publishes data in Kafka topics for consumption in other systems and part of the deletion process is to remove the relevant personal data from these Kafka topics too. This has to happen in a relatively short time after the deletion order is received, to prevent a long delay before the systems further down the chain can start their own deletion. Furthermore, we need to know when the operation is completed: only at that point we can give the "go" to the other systems. We are unsure how to satisfy those requirements in Kafka. If anyone has ideas or suggestions we would be very interested in your opinion. We are also interested in general about experiences in implementing GDPR compliance in Kafka, especially when dealing with multiple, interconnected systems. Kind regards, -- Christian Apolloni Disclaimer: The contents of this email and any attachment thereto are intended exclusively for the attention of the addressee(s). The email and any such attachment(s) may contain information that is confidential and protected on the strength of professional, official or business secrecy laws and regulations or contractual obligations. Should you have received this email by mistake, you may neither make use of nor divulge the contents of the email or of any attachment thereto. In such a case, please inform the email's sender and delete the message and all attachments without delay from your systems. You can find our e-mail disclaimer statement in other languages under http://www.baloise.ch/email_disclaimer
