Opening an issue to track the D8 port feature request.
Closed an issue in the Commerce issue queue as a duplicate: #2947252: GDPR EU complience → .
Quoting the ideas from that issue:
I think there should be 2 things happening....
1. Every Profile (Shipping or Billing - or any other custom profile) needs to be encrypted all the time using a solid encryption method...
There are quite of few encryptions modules for Drupal 8 already, such as https://www.drupal.org/project/encryption → or https://www.drupal.org/project/encrypt → ... but I have not yet tried them out nor fully understand their implications to the speed of overall website, etc...2. A cron job (Queue Worker) which will delete all Billing and Shipping information on any orders which are older than X amount of days... Leaving just the bare bones of information should as: Order Number, Email, OrderItems, Payment Reference (not full payload)...
Active
1.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Maybe a future version could become a submodule of https://www.drupal.org/project/gdpr →
https://www.drupal.org/project/entity_sanitizer → might also be helpful. Still there doesn't seem to be a Drupal 8+ solution yet?