DEV Community

Cover image for Effortless Privacy Protection: Simplifying Account Deletions

Posted on

Effortless Privacy Protection: Simplifying Account Deletions

In the realm of backend development, managing user accounts and adhering to privacy policies can present challenges for application developers. In this article, we will discuss the issues faced in deleting user accounts within a slot booking application and propose practical solutions.

User Interaction in Slot Booking Application:
The slot booking application allows users to book, cancel, and update their slots, providing a seamless experience. However, complying with privacy policies, particularly those set by the play store, adds a layer of complexity to the process.

Privacy Policies:
To align with play store policies, it is imperative to enable users to delete their accounts. Nevertheless, challenges arise when attempting to maintain essential data, such as monthly bookings and earnings, especially after a user has deleted their account.

Challenges Faced:
One of the primary challenges is the need for metrics and reports, especially in scenarios where a user decides to delete their account. How can the application keep track of users who have made bookings if their accounts are deleted?

Temporary Solutions:
Two temporary solutions have been considered to address the issue. The first involves marking an "is_deleted" flag on each user account. However, this may conflict with play store policies, posing a potential problem.

The second solution involves modifying the email field. This approach facilitates a soft delete by marking the user as deleted and altering the email address to include a timestamp. While effective, it introduces a new challenge when downloading reports, as email IDs may appear differently from an admin's perspective.

const userId = "your_user_id"; // replace with the actual user ID
const deleteTimestamp =;

try {
  const user = await User.findById(userId);
  if (user) {
    //Soft delete by marking as deleted and changing the email
    user.isDeleted = true; = ? `${}_deleted_${deleteTimestamp}` : `deleted_${deleteTimestamp}`;
    console.log('Soft delete successful');
  } else {
    console.log('User not found');
} catch (error) {
  console.error('Error during soft delete:', error);
Enter fullscreen mode Exit fullscreen mode

Final Solution:
To resolve the issue, a final solution has been proposed. When a user account is deleted, the associated email address is modified for reporting purposes. Additionally, orders previously attributed to the deleted user are reassigned to a pre-configured "deleted user" account, ensuring data integrity.

The provided code snippet demonstrates the final solution's implementation. It involves identifying the deleted user by their modified email and updating the associated orders. Finally, the user account is removed.

//assume that deletedUser created on db initial setup

let deletedUser = User.find({");

await Orders.findAndUpdate(
    {order_by: userId}, 
    {order_by: deletedUser._id}
await User.findByIdAndRemove(userId);
Enter fullscreen mode Exit fullscreen mode

Balancing user privacy, data management, and adherence to store policies is crucial in the development of slot booking applications. The final solution presented here aims to address the challenges associated with deleting user accounts, ensuring a seamless experience for both users and administrators.

Happy coding

Top comments (0)