Docs/Privacy & Data

Delete your account

GDPR Art.17 / APPI Art.34 / CCPA 1798.105 right to erasure — how deletion works and what remains anonymized.

Last updated: 2026-04-22

Delete your account

manabiQ lets you delete your account at any time. This is guaranteed by GDPR Article 17 (right to erasure), APPI Article 34, and CCPA 1798.105.

How to

Learners

  1. Go to /my-settings
  2. Click Delete My Account
  3. You'll be asked to re-authenticate (required for security)
  4. Confirm on the final dialog
  5. Deletion complete

Admins

  1. Go to /settings
  2. Find the Danger Zone section
  3. Click Delete Account
  4. Re-authenticate
  5. Confirm

Why re-authentication is required

Deletion is irreversible. To prevent:

  • Malicious deletion via stolen tokens
  • Accidental deletion on shared machines left signed in
  • Mistaken deletion from long-idle sessions

we require a sign-in within the last 5 minutes.

To re-authenticate:

  1. Sign out
  2. Sign in again
  3. Go back to /my-settings or /settings and retry deletion

What gets deleted

Completely removed

  • Account info (email, name, organization)
  • Profile info
  • Firebase auth record
  • Google Drive / OneDrive OAuth tokens (also revoked at the provider)
  • Course progress and quiz responses
  • Customer support history

Anonymized (retained for legal obligations)

  • AI training feedback — original email is removed and replaced with an anonymized ID (hash starting with anon_)
  • Audit logs — retained only for the minimum period required for accounting / tax / compliance audits
  • Aggregate statistical data — kept in a form not tied to any individual

Stripe billing records

Retained by Stripe for legal accounting / tax obligations. manabiQ removes what we can, but Stripe's records are subject to their own policies.

Admin account deletion — cascading effects

If an Owner deletes their account:

  • Their created courses are auto-deleted
  • Invited learners lose access
  • In-progress subscriptions are canceled immediately
  • Other admins (Editors) in the team lose access

If you want the team to continue, transfer Owner rights to another admin first.

Globally deleting a learner (admin action)

When an admin uses Delete Globally on /manage/learners, the same anonymization logic applies.

Restoration

Deletion cannot be undone. If you want to use manabiQ again, create a fresh account.

Verifying residual data

After deletion, call /api/privacy/export again. A "no data" result confirms completion.

Deletion at sub-processors

Data deleted from manabiQ is also deleted at:

  • Google Cloud (Firestore, Cloud Storage)
  • Firebase Authentication
  • Vertex AI (prompts purged within 24 hours per Google's terms)
  • Stripe (except retention required by law)

Legal context

  • GDPR: Both controller (customer) and processor (manabiQ) have deletion obligations
  • APPI: Upon valid request, we must stop third-party provision of personal data
  • CCPA: California residents can request deletion free up to 2 times per year

See Privacy Policy for full details.

FAQ

Q: How long does deletion take? A: Primary data: seconds. Full removal from backups: up to 90 days (within legal bounds).

Q: I deleted by accident — can I recover? A: No. That's why we require re-authentication.

Q: I received an invoice after deleting. Why? A: In-progress subscriptions are canceled immediately at deletion, but already-issued invoices may still be payable. Contact contact@manabiq.com if unsure.

Next steps

Did this article help? Contact support if not