Expand description
GDPR Data Subject Rights Service.
Implements data subject rights as required by GDPR:
- Article 6: Lawful Basis (Consent tracking)
- Article 7: Conditions for Consent
- Article 17: Right to Erasure (“Right to be Forgotten”)
- Article 20: Right to Data Portability
§Compliance Features
| Requirement | Implementation |
|---|---|
| Consent tracking | ConsentRecord with granular purposes |
| Consent withdrawal | revoke_consent() with audit trail |
| Audit logging | All operations logged via [AuditLogger] |
| Data export format | JSON (machine-readable, portable) |
| Complete deletion | Removes from all storage layers |
| Verification | Returns deletion confirmation with counts |
§Usage
ⓘ
use subcog::services::{DataSubjectService, ServiceContainer};
let container = ServiceContainer::from_current_dir_or_user()?;
let service = DataSubjectService::new(&container)?;
// Export all user data (GDPR Article 20)
let export = service.export_user_data()?;
println!("Exported {} memories", export.memories.len());
// Delete all user data (GDPR Article 17)
let result = service.delete_user_data()?;
println!("Deleted {} memories", result.deleted_count);Structs§
- Consent
Record - A record of consent granted or revoked.
- Consent
Status - Current consent status for all purposes.
- Data
Subject Service - Service for GDPR data subject rights operations.
- Deletion
Failure - Details about a failed deletion.
- Deletion
Result - Result of a user data deletion operation.
- Export
Metadata - Metadata about the export operation.
- Exported
Memory - A single memory in the export format.
- User
Data Export - Result of a user data export operation.
Enums§
- Consent
Purpose - Purpose for which consent is granted.