Account Deletion
Account Deletion
Cockato allows users and customers to delete their accounts in compliance with data privacy regulations such as GDPR and CCPA. This article explains the deletion process for both tenant users (staff, owners) and end customers.
Tenant User Account Deletion
Tenant users (staff, admins, owners) can delete their own accounts, with certain restrictions.
How to Request Deletion
- Navigate to Profile Settings
- Scroll to the Danger Zone section
- Click Delete My Account
- Confirm the action by entering your password
What Gets Deleted
| Data Type | Action |
|---|---|
| Profile record | Permanently deleted |
| Organization membership | Removed from all organizations |
| Authentication credentials | Deleted from Supabase Auth |
| Activity log entries | Retained for audit (anonymized) |
Restrictions
⚠️ Important: You cannot delete your account if:
- You are the sole owner of an organization with active data
- You have pending financial obligations
If you are the sole owner, first transfer ownership to another admin or delete the organization entirely.
Customer Account Deletion
End customers (loyalty program members) can request account deletion via the Customer Portal or by contacting the organization.
Self-Service Deletion
- Customer opens the Customer Portal (link in their wallet card or email)
- Click Manage Account → Delete My Account
- Confirm the deletion
What Gets Deleted
| Data Type | Action |
|---|---|
| Customer profile | Permanently deleted |
| Points balance | Lost (non-recoverable) |
| Punch card progress | Lost (non-recoverable) |
| Wallet pass record | Deleted (pass must be manually removed from device) |
| Transaction history | Retained for audit (anonymized) |
💡 Tip: Warn customers that deletion is irreversible. Points and rewards cannot be restored.
Admin-Initiated Deletion
Organization admins can delete a customer record:
- Navigate to Customer Management
- Open the customer profile
- Click the ⋮ menu → Delete Customer
- Confirm the action
This is useful for handling GDPR "right to be forgotten" requests received via email or support ticket.
Organization Deletion (Super Admin)
Super Admins can delete an entire organization (tenant) from the SAAS Admin panel. This action:
- Deletes all customers, staff, and data associated with the organization
- Cancels any active Stripe subscription
- Is irreversible
- Navigate to SAAS Admin → Tenants
- Select the organization to delete
- Click Delete Tenant (Danger Zone)
- Type the organization name to confirm
- Click Permanently Delete
Data Retention Policy
For auditing and compliance:
- Transaction logs are retained for 7 years (anonymized)
- Deleted account identifiers are hashed, not stored in plain text
- No personally identifiable information (PII) is retained after deletion
FAQ
Can I undo an account deletion? No. Account deletion is permanent. Create a new account if needed.
What happens to my points if I delete my customer account? All points are forfeited and cannot be recovered.
How long does deletion take? Deletion is immediate. Some cached data may take up to 24 hours to propagate.
Ready to get started?
Try Cockato for free and see how it can help grow your business.
Get Started Free