Self-register billing as an org-axis GDPR provider that anonymizes payment identifiers while keeping the financial record (legal/tax retention).
Scope — billing.init.js (axis:'org', retention:'anonymize')
- Export per
orgId: Subscription + ExtraBalance ledger + Usage (exclude internal ProcessedStripeEvent / FailedBackfill — not subject data).
- Erase = anonymize Stripe identifiers (
stripeCustomerId, stripeSubscriptionId, ledger stripeSessionId / historyId / adminUpdatedBy); keep org id, amounts, dates, ledger kinds (tax retention). BillingUsage (pure metering) may hard-delete (add deleteByOrg).
- Degrades to a no-op when billing is deactivated.
DoD
Note: a billing org-removal cleanup handler is a separate concern, out of scope here.
Depends on: GDPR export+erasure controller (org-axis payload).
Created via /dev:issue
Self-register billing as an org-axis GDPR provider that anonymizes payment identifiers while keeping the financial record (legal/tax retention).
Scope —
billing.init.js(axis:'org',retention:'anonymize')orgId: Subscription + ExtraBalance ledger + Usage (exclude internalProcessedStripeEvent/FailedBackfill— not subject data).stripeCustomerId,stripeSubscriptionId, ledgerstripeSessionId/historyId/adminUpdatedBy); keep org id, amounts, dates, ledger kinds (tax retention).BillingUsage(pure metering) may hard-delete (adddeleteByOrg).DoD
/verifygreen.Note: a billing org-removal cleanup handler is a separate concern, out of scope here.
Depends on: GDPR export+erasure controller (org-axis payload).
Created via /dev:issue