I have questions concerning the deletion requests with plugins.
I'm currently integrating the GDPR in my plagiarism plugin (through the Privacy API indeed). Everything works fine and as expected except when a user make a deletion request. It's not that it don't works, but there's something strange.
As I said, the plugin is of type plagiarism. So, my plugin stores user data related to files attached to assignments, workshops and discussion's posts as well as the message / online text content.
The point is, when a user request to delete all his data (function delete_plagiarism_for_user in my provider.php), everything is deleted from the plugin database except the stuff related to forums posts (the fields in the database linked to messages and files attached).
As a reminder, the function delete_plagiarism_for_user has two parameters : the user id and the context where data have to be deleted.
After a lot of tests and experiments, I finally understood that the problem was not coming from my function but from that context in parameter. In fact, it seems like contexts from assignments and workshops are given as a parameter, but not the contexts from forums (so it's totally normal that after deletion, there is still data related to forums posts in the plugin database).
So, my questions are :
- Is it normal that the contexts in parameter don't includes forums ?
- Should I try to bypass it and delete the data from the plugin database anyway, or that's the way it's supposed to be ?
I hope I've been clear. Thank you in advance for your suggestions.