How to handle data deletion requests across automated flows?

Data deletion requests (like GDPR Article 17) affect automation specifically:

Immediate actions: Exit the person from all active automations. Stop any scheduled or pending sends. Remove from automation segments and queues.

Data removal: Delete stored profile and behavioral data. Remove from automation history and logs (where legally required). Retain only suppression record (email hash) to prevent re-marketing.

Prevention of re-entry: Deleted contacts must not re-enter automation via triggers. Suppression list prevents future targeting. Even if data arrives from other sources, block automation.

Documentation: Record when deletion was requested and completed. Maintain compliance audit trail. Prove deletion occurred within required timeframe.

System considerations: Deletion must propagate to all connected systems. Backup systems need deletion as well.

Deletion is not just list removal. It affects automation state, history, and future eligibility.