GDPR-compliant data deletion in Tinybird

Tinybird provides several methods for deleting user data to maintain GDPR compliance. The best approach depends on your data volume and deletion frequency.

Methods for data deletion

Use the CLI

For smaller datasets or infrequent deletions, you can use the tb datasource delete command:

tb datasource delete [datasource_name] --sql-condition "user_id = 'user_to_delete'"

This method is suitable for datasets with up to a few million rows and deletion frequencies of up to 1000 operations per week.

Use the Delete API Endpoint

For more frequent deletions, you can use the Delete API Endpoint:

POST /v0/datasources/(.+)/delete

This method is more efficient for regular deletion operations.

Implement a deletion queue

For large-scale applications with frequent deletion requests:

  • Create a delete_user table to queue deletion requests.
  • Set up a scheduled job, such as a weekly job, to process the queue and delete user data from all relevant Data Sources.
  • Use partitioning on large Data Sources to optimize deletion operations.

Best practices

  • Ensure deletions cascade to all relevant Data Sources and Materialized Views.
  • For Data Sources with millions of rows, consider partitioning to improve deletion performance.
  • Monitor the performance impact of deletion operations and adjust your strategy as your data grows.
  • Implement TTL on Data Sources where appropriate to automatically remove old data.

Considerations

  • Deleting data using ALTER TABLE ... DELETE WHERE can have performance implications on large datasets.
  • Balance between immediate deletion for GDPR compliance and system performance.
  • Regularly review and optimize your deletion strategy as your data volume grows.
Updated
Looking for Classic docs?