Operations

GDPR Retention and Anonymization

Policy levels, priority rules, actions, and execution controls.

Policy levels

response override
form policy
global policy

Priority: response override > form policy > global policy/default

Actions

none
anonymize
delete

Policy options

after_days
anonymize_fields
delete_files
redact_submitter
redact_network
enabled

Execution notes

eligibility uses submission created_at
empty anonymize_fields means full payload anonymization
delete action removes submission and may remove files
runner supports dry-run and chunked execution

APIs

Facade:

Form::setGdprGlobalPolicy(...)
Form::setGdprFormPolicy(...)
Form::scheduleGdprResponseAction(...)
Form::runGdpr(...)

CLI:

formforge:gdpr:policy
formforge:gdpr:response
formforge:gdpr:run

HTTP:

PUT /forms/{key}/gdpr-policy
POST /forms/{key}/responses/{submissionUuid}/gdpr/anonymize
POST /forms/{key}/responses/{submissionUuid}/gdpr/delete
POST /gdpr/run

Submission Export (CSV and JSONL)

Export entry points, filters, and output field model.

Model Overrides and Data Model

Overridable model keys and conceptual FormForge tables.