I would like an option in the client area, where the customer can download all his data stored in the system.
Not as confident with this idea, I think it could lead to several potential security issues, including data-privacy breaches for PCI Compliance as well as the potenital for others to try to seal client data and information. Instead of the usual hassle of having to guess passwords, or hack a MySQL this would make it easy pickings for data theifs.
This is a mandatory requirement for GDPR.
No, as long as they can ask for it and you send it to them (within a reasonable time-frame) you should be fine.
We just some training in this and we've not heard anything about an obligation for them having to be able to do so themselves.
And I agree with Nicolas, the implications of downloading it themselves may be bigger then you might think.
Comments have been locked on this page!