Luggage Marketplace · SCR-40 — Delete Account / Data Deletion Flow

🗑️

Delete Your Account

This is a permanent, irreversible action. Please read everything below carefully. · SRS §8.5 FR-72

Consequences ★

Export Data

Re-Authenticate

Grace Period

🚫

Account deletion is blocked

You have 2 active bookings that must be completed or cancelled before your account can be deleted. Active bookings cannot be automatically cancelled — please manage them first.

📋 Manage My Bookings → SCR-11

Return here after resolving all active bookings · SRS §8.5 FR-72; §7.5 FR-17

⚠️ Step 1 — What will happen to your account?

📅

All upcoming and active bookings will be cancelled and refunded per our standard refund policy

🏪

All your listings will be permanently removed from the platform (Host role)

⭐

Your reviews will be anonymised — they remain on the platform but won't be linked to you

🗃️

Your personal data will be permanently deleted after 30 days

🔒

This action cannot be undone after the 30-day recovery period

ℹ️ After submission, a 30-day grace period applies. You can cancel the request during this window by logging in.

📥 Step 2 — Download your data (optional)

Before proceeding, you may download a copy of all your personal data. This is your right under DPDP/GDPR (right to data portability).

Your data export will include:

• FR-80 User entity fields (name, email, phone, DOB)
• All booking history and receipts
• Reviews you've submitted
• Chat logs (where applicable)

Optional step · File generated in ~30 seconds · SRS §8.5 FR-71; §9.1 FR-80

🔐 Step 3 — Verify your identity

To prevent accidental deletion by third parties using an unlocked device, you must re-authenticate before your account can be deleted.

SRS §8.4 FR-65; §8.5 FR-72

⏳ Step 4 — 30-Day Grace Period (post-submission)

Account scheduled for deletion

Your account is now deactivated and invisible to other users. Your data will be permanently deleted on July 2, 2026.

💡 Changed your mind? Log in before July 2, 2026 to cancel this request and reactivate your account.

Account invisible in search/marketplace during 30-day window · Data not yet deleted · SRS §8.5 FR-72

📧 Confirmation Email + Audit Entry

✉️ Email sent to rahul@example.com:
"Your account deletion request has been received. Permanent deletion scheduled for July 2, 2026. If you did not request this, click here immediately."

        event_type:  DELETION_REQUESTED

        user_id:     USR-00482

        timestamp:   2026-06-02T14:31:00Z

        session_id:  SES-78DEF12

Immutable audit entry · Viewable in SCR-31 · SRS §8.5 FR-72; §7.9 FR-37; §8.7 FR-77

Wireframe Annotations — SCR-40 · Delete Account / Data Deletion Flow

Persona: Any Logged-in User (Requesting Account Deletion) — High-stakes irreversible action. DPDP/GDPR compliance is mandatory. Multiple sequential safeguard steps prevent accidental deletion. Accessed from SCR-35 Danger Zone. SRS §8.5 FR-72

Step 1 — Consequences Disclosure — Full warning list: bookings cancelled / listings removed / reviews anonymised / data deleted after 30 days / irreversible after grace period. Screen title: 'What will happen to your account?' SRS §8.5 FR-72; §7.5 FR-17

Active Bookings Guard (Blocker) — If user has active or upcoming bookings (Confirmed/Checked-in): deletion flow is BLOCKED with a red banner. CTA routes to SCR-11 to manage and resolve bookings first. Cannot proceed until resolved. SRS §8.5 FR-72; §7.5 FR-17; SCR-11

Step 2 — Data Export Option — Optional: download all personal data as JSON/CSV before deletion. GDPR/DPDP right to data portability. Includes FR-80 entity fields + booking history + reviews + chat logs. SRS §8.5 FR-71; §8.5 FR-72; §9.1 FR-80

Step 3 — Re-Authentication — Must re-authenticate (Google OAuth re-consent or password entry) before account can be deleted. Prevents accidental deletion by third parties using an unlocked device. SRS §8.4 FR-65; §8.5 FR-72

30-Day Grace Period Notice — Post-confirmation: account enters deactivated state. Invisible in search/marketplace but data not yet deleted. 'Log in before [date] to cancel this request.' Cancel option available during the window. SRS §8.5 FR-72

Deletion Confirmation Email + Audit Entry — Email sent: deletion request received / permanent deletion date / 'If you did not request this, click here.' Immutable FR-77 audit entry created: user ID / action = DeletionRequested / timestamp / session ID. SRS §8.5 FR-72; §7.9 FR-37; §8.7 FR-77