GDPR Assistant works on Front-End for "User's Data Report" module and on Backend for "Automatic User Deletion" part. You can configure the application at the Application Settings page in the Admin section of Freshdesk. The only mandatory field is API key which requires system privilege to be able to perform the deletion operations for Contacts and Tickets.
1 - API key of Account Admin or any other role that permit to make deletion of Contacts and Tickets (mandatory). 2 - Agent roles who will have access to generate GDPR reports and purge user's data. 3 - Time ranges for automatic deletion of Contacts and helpdesk Tickets with no activity. 4 - Set of Custom Filter Rules that give the ability to create specific exceptions from the automatic deletion process for Contacts and Tickets.
Custom Filter Rules Examples
If you don't want to the Contacts from a certain company to ever be deleted, you can create the following Custom Filter Rule: Filter "Contact" by "Email domain" : "@company.com" delete after "Never"GDPR Assistant will apply ALL the rules, and in case of conflicting conditions will execute the latest (with the greatest number, lowest in the table) applicable rule. So, the latest rule has an overwriting priority.
Please, note that recurring updates of any Tickets will defend both Tickets and its author Contact from auto-deletion. This is because no Contact could be deleted if he has at least one active (not-outdated) Ticket. The automatic deletion based on 'update_at' state of the ticket. Eventually, if the agent or some dispatcher/observer rule would cause repetitive ticket updates, then ticket (and his author Contact) might be never automatically deleted by GDPR Assistant.
Required Time for deletion process
User deletion process is time dependent. There is a rate limit of requests per minute per app per account. If after the app setup your Freshdesk will have a lot of outdated users, it might take some time to delete a queue of them. Currently, around 25 contacts can be deleted per minute.