What if someone hacks into my account? They have all my commercial information in their fingertip.
It's there anyway, and we can't truly delete it. Any website that claims to be able to do so is neglecting all the intermediaries at play (usually out of ignorance).
Bring Leave Conversation back, I do not need years long conversations in my mailbox.
They aren't permanently deleted even if you leave them. The same is true of email. Do you really want us to give you the illusion that the data is possible to delete?
Contracts should be kept by those who need them. I can burn any contract from my side or shred it.
If you want to be able to do that, then use snail mail instead of email or any other internet-based medium--although, when I receive mail from USPS, they email me a scanned copy of the envelope, and I can often see the text inside the envelope due to the way in which they scan it, so perhaps even that isn't safe.
I can delete emails from my mailbox. I click delete and they are no longer in my mailbox.
No, you can't. It looks to you like it's gone, but that data is still out there--forever. Every MTA between the two authoritative SMTP servers has seen a plaintext copy of it--and, in many cases, every ISP, since SMTP is often unencrypted. And each email provider has countless backups, regardless of what they say. If they think your email looks remotely spam-like, it's going to end up submitted to countless spam services without your knowledge.
Back in the days when schools were just starting to use email internally, I was an intern at a public school in the US. I remember when they received a notice from the state that they were now obligated to retain copies of all emails for about a decade. The teachers weren't aware of this, nor were the parents. They could "delete" emails from their mailboxes, but the emails remained on the server.
Even if the data was deleted from the live database, there were countless tape and hard drive backups. Each day, when the Director of Technology left the office, he would take a tape or hard drive home with him that contained a backup of the most important data in case the building were to be destroyed overnight.
Storage space is much cheaper today than it was back then, but the size of a single email hasn't changed much, making it feasible to store backups for a much longer duration. The storage medium might have changed (tape backups aren't as common these days), but your emails are still out there, and they'll likely outlive all of us.
Is this ideal? Probably not, but NamePros is a small company, and these are problems that even the largest privacy-centric companies haven't solved. It's nice that we're finally seeing public interest in improving the security and privacy of the internet, but there are going to need to be significant technological advances before it's truly possible to scrub this sort of data.
In the meantime, you're professionals, so we're not going to baby you like your email provider might. We make it clear: it's technologically infeasible to truly delete content posted to the internet. It's up to you to make an appropriate risk assessment. If you really want to shove the problem under the carpet, we've left the "Leave Conversation" endpoint available to those who can read the code to understand how it works and where to find it. We don't support it, and it may disappear or break. If you understand how it works and its caveats, you'll know where to find it and how to use it, since it's provided by publicly-available software (XenForo). You'll also know that it
does not actually delete the conversations, and it never has; that's why it was called "Leave," not "Delete". We didn't like that some people thought it actually deleted the data, so we replaced it with a UI that's clearer about the functionality. The functionality maps roughly as follows:
- Leave Conversation -> Archive
- Leave Conversation, ignoring future replies -> Archive + Mute
As for this:
What if someone hacks into my account? They have all my commercial information in their fingertip.
If that's a concern, I hope you've enabled proper 2FA on your account and use a randomly-generated password. Again, we don't force you to do this: you're professionals and should be capable of proper risk assessment for your own business. But you really should enable 2FA if you haven't already done so.