Note: Before erasing personal data in the Linux Mail service module, make sure that the GDPR application is upgraded to the latest version.
To erase the personal data of a user, revoke the Linux Mail service from the user.
To erase the personal data of a customer account, destroy all the Linux Mail subscriptions of that account.
Recommendations
- The service module does not write personal data to platform log files on the management node when the logging level is set to INFO or a less verbose value. The service module may write some personal data to those log files when the logging level is set to DEBUG or a more verbose value. By default, the logging level and the log retention period are DEBUG and 28 days correspondingly, which means that you may need to manually remove personal data from those log files.
- The service module consists of several services such as qmail, Courier IMAP, Dovecot, SpamAssassin, DrWeb, WHOSON, Majordomo, and OpenLDAP. These services write personal data to their own log files, and CloudBlue Commerce is not responsible for the configuration of logging to the log files. To comply with the GDPR, follow the instructions and recommendations provided at https://kb.cloudblue.com/132889.
- The service module can be integrated with third-party webmail services such as Open-Xchange, Atmail, and Horde IMP. These webmail services store data in their own databases and write data to their own log files. Neither the webmail service databases nor webmail service logging is managed by CloudBlue Commerce. As a result, personal data may be found in the respective databases and log files. In the case of the Open-Xchange and Atmail services, to comply with the GDPR, follow the instructions and recommendations provided by their vendors. In the case of the Horde IMP service, to comply with the GDPR, follow the instructions and recommendations provided at https://kb.cloudblue.com/132890.
See also