Data Deletion
Delete visitor data to comply with GDPR right-to-erasure requests
UserBoost provides a data deletion tool for handling GDPR right-to-erasure requests from your website's visitors.
Who Initiates Deletion?
Under GDPR, you (the website owner) are the data controller. UserBoost is the data processor. When a visitor requests their data deleted, they contact you — and you use this tool to execute the deletion.
How to Delete Visitor Data
- Go to your domain's Privacy tab
- Enter the visitor's email address
- Click Search — the system finds all associated data
- Review what will be deleted:
- Conversations where the email appears in messages
- Contact form submissions matching the email
- Click Delete all data and confirm
Deletion is immediate and irreversible.
What Gets Searched
The system searches for the email address in two places:
- Contact form submissions — tickets where the email field matches
- Conversation content — conversations where the visitor typed their email in the chat
This catches both explicit submissions and casual mentions.
What Gets Deleted
| Data | Deleted? |
|---|---|
| Conversations containing the email | Yes |
| Contact form submissions (tickets) | Yes |
| Feedback on deleted conversations | Yes (part of the conversation) |
| Popup ratings | No — collected anonymously |
| Answer corrections | No — admin-created, not visitor data |
| Analysis reports | No — aggregated themes, not individual data |
Audit Trail
Every deletion is logged in the audit trail with:
- Who performed the deletion (admin account)
- Which email was searched
- How many conversations and tickets were deleted
- Timestamp
This log contains no visitor PII — it records the action, not the deleted data.
Webhook Data
Data sent via webhooks to your external systems (Slack, CRM, etc.) is your responsibility to manage. UserBoost does not store or recall webhook payloads.
Make sure to also delete the visitor's data from any external systems that received webhook notifications.