To comply with the terms of the General Data Protection Regulation (GDPR), Solaris must delete customer data when requested or otherwise legally required to do so. Your solution must follow specific guidelines with regard to handling (and deleting) personal data from customers. This page describes how to handle GDPR deletion requests in your system.
If you store any kind of data from customers in your system, then you must subscribe to the PERSON_DELETED webhook so that you can receive notifications whenever Solaris deletes a customer's data. If you also serve business customers, then you must also subscribe to the BUSINESS_DELETED webhook.
As soon as you receive a
you must immediately delete all data related to the person or business named
in the webhook payload.
Notifications on the
BUSINESS_DELETED webhooks will
contain the ID of the deleted person or business.
Solaris is legally required to delete all records related to persons who did
not become Solaris customers (i.e., did not establish a contractual
relationship with Solaris) within 90 days of collection. After this 90
day period has passed, Solaris will send a
BUSINESS_DELETED) webhook notification, at which point you must
immediately delete their data.