Best practice for deleting users in Superset in regards to GDPR

[SkaziBavaria]

Hi,
I am running Superset and I am currently looking into how to delete users which has the right to be forgotten according to GDPR.
I’m trying to understand what the recommended / best practice is for this scenario:
Has anyone implemented an automated cleanup process?

Any guidance, references to documentation, or real world experience would be greatly appreciated.
Thanks!

[cookesan]

I would separate the legal policy from the technical action here. This is not legal advice, but technically I would avoid a blind hard delete until you have mapped the references that matter in your deployment.

Superset users are Flask-AppBuilder users, and Superset metadata can reference users for ownership, created/changed metadata, audit/event logs, reports, saved queries, dashboards, charts, and related objects. A hard delete may be possible in a narrow setup, but it can also break history or ownership unless those references are reassigned or anonymized first.

A safer automation usually looks like:

1. disable the account and revoke access immediately
2. reassign owned content to a service/admin account where needed
3. anonymize personal fields such as username, first/last name, email, avatar, and extra attributes according to your policy
4. decide separately which audit records must be retained, anonymized, or purged
5. test the cleanup on a restored copy of production metadata

I could not find a Superset-specific "GDPR erase this user" command in the current docs/source. If you implement one, I would keep it as an internal management command with a dry-run report first, because the correct behavior depends heavily on your retention rules and installed auth setup.