GDPR: Right of access

Continuing the discussion from General Data Protection Regulation:


The GDPR enforce the right of access. To help companies to be GDPR compliant, we could provide a generic tool for this.


The tools from from GDPR: Right to erasure could be reused as the definition of what are the personal data to be exported. But we should allow to extend it for the export only.


We reuse the erase definition from GDPR: Right to erasure as the field names to call ModelStorage.export_data on the selected party.

As the design has changed, I’m wondering if we should not simply create via XML, a ir.export record and each module will be free to complete the fields.

I’m also wondering if it is really possible to define a standard export. I think this is really linked to company’s choices.