GDPR and losing data intentionally

question 2 connections

Audience asks how to reconcile immutable events with GDPR 'right to be forgotten'. Answer: design the system so GDPR-sensitive data lives in a separate side stream (e.g. user profile / user GDPR data) that can be dropped while the main user stream retains business history. Alternative: encrypt the sensitive data and destroy the key, leaving data in place but unreadable. Either way you must think about this up front.

answer_summary

Keep GDPR-sensitive data in a separate stream that can be dropped, or encrypt and lose the key — but plan for it up front.

question GDPR and losing data intentionally

about

Event Sourcing concept

Asks how immutable event stores reconcile with GDPR right to be forgotten.

question GDPR and losing data intentionally

asked_at

Introduction To Event Sourcing How To Use It With Ruby talk

Asked during Q&A.

Provenance

Created in: Introduction To Event Sourcing: How To Use It With Ruby 2026-04-17 21:52
Read by: 1 extraction