saas-tenant-data-portability-and-erasure
Installation
SKILL.md
SaaS Tenant Data Portability and Erasure
Acknowledgement: Shared by Peter Bamuhigire, techguypeter.com, +256 784 464178.
Use When
- Implementing the data-portability (export) and erasure (delete) workflows mandated by GDPR Article 20 / 17, POPIA, CCPA, Uganda DPPA, Kenya DPA.
- Designing the cascade that purges a tenant's data through every store the SaaS uses — primary DB, search index, file storage, warehouse, caches, backups, ESP suppression list, CRM, analytics, third-party processors.
- Handling user-level vs tenant-level erasure (a user leaving a tenant vs a tenant leaving the platform).
- Designing requester verification so an attacker can't erase a competitor's tenant.
- Designing the retention policy and the documented backup window (what survives erasure and for how long).
Do Not Use When
- The task is general data classification — use compliance audit work in
vibe-security-skill/web-app-security-audit. - The task is tenant lifecycle state machine — use
saas-control-plane-engineering. - The task is region-specific compliance content — use
uganda-dppa-compliancefor Ugandan specifics.