---
title: "ETSI EN 303 645 personal data deletion FAQ for consumer IoT"
canonical_url: "https://www.sorena.io/artifacts/global/etsi-en-303-645/faq/personal-data-deletion"
source_url: "https://www.sorena.io/artifacts/global/etsi-en-303-645/faq/personal-data-deletion"
author: "Sorena AI"
description: "What ETSI EN 303 645 says about deleting user data and personal data from consumer IoT devices, associated services, apps, and evidence records."
published_at: "2026-05-09"
updated_at: "2026-05-27"
keywords:
  - "ETSI EN 303 645 personal data deletion"
  - "ETSI 5.11"
  - "consumer IoT user data deletion"
  - "TS 103 701 IXIT deletion evidence"
  - "ETSI EN 303 645"
  - "consumer IoT"
  - "personal data deletion"
  - "user data deletion"
  - "IXIT evidence"
---
**[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform

[Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io)

---

# ETSI EN 303 645 personal data deletion FAQ for consumer IoT

What ETSI EN 303 645 says about deleting user data and personal data from consumer IoT devices, associated services, apps, and evidence records.

*FAQ* *GLOBAL* *ETSI EN 303 645*

## ETSI EN 303 645 Personal data deletion for consumer IoT products

ETSI EN 303 645 expects consumer IoT products to make user-data erasure simple on the device and to support removal of personal data from associated services where applicable.

This FAQ stays within the ETSI source text: it summarizes the technical deletion expectations and the evidence fields used by ETSI TS 103 701, without treating the standard as a complete GDPR compliance checklist.

Short answer: provide a simple deletion path for user data stored on the IoT device, provide a simple way to remove personal data from associated services where applicable, explain the deletion steps clearly, and confirm deletion from services, devices, and applications. ETSI also warns that factory reset is not always a suitable answer, especially where one user needs to remove their personal data without disrupting another owner or future user.

## What does ETSI EN 303 645 require for personal data deletion?

Clause 5.11 of ETSI EN 303 645 is the main deletion section. Provision 5.11-1 says the user shall have functionality so user data can be erased from the device in a simple manner. The standard defines that user data broadly for this context: individual data stored on the IoT device, including personal data, user configuration, and cryptographic material such as user passwords or keys.

Provision 5.11-2 is narrower and service-focused. It says the consumer should have functionality on the device so personal data can be removed from associated services in a simple manner. The examples given by ETSI include transfer of ownership, the consumer wanting to delete personal data, removing a service from the device, and disposal of the device.

- Treat device erasure and associated-service removal as two related but distinct deletion paths.
- Do not assume a factory reset is enough for every privacy scenario; ETSI gives a shared-use example where resetting the whole device would not be appropriate for deleting one user's personal data.
- Keep GDPR statements narrow: EN 303 645 says the functionality is expected to comply with applicable data protection law, including GDPR, but the standard itself presents technical baseline provisions rather than a full legal assessment.

Sources for this answer:

- [ETSI EN 303 645 V2.1.1, clause 5.11](https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf?ref=sorena.io) - Primary ETSI source for consumer IoT user-data erasure, personal-data removal from associated services, deletion instructions, confirmation, and the caution that factory reset is not always the right mechanism.
- [ETSI EN 303 645 V2.1.1, clause 6](https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf?ref=sorena.io) - Privacy context for consumer IoT, including clear information about personal data processing, valid consent where consent is the basis, withdrawal capability, and telemetry minimization.

## What should the user experience include?

The standard uses simple, user-facing language. Deletion should require minimal steps and minimal complexity, and users should receive clear instructions on how to delete their personal data.

ETSI also expects clear confirmation that personal data has been deleted from services, devices, and applications. For a product team, this means the deletion flow should not stop at a hidden backend job or a vague success message; the user should be told what was deleted and where the deletion applied.

- Show the deletion entry point in the relevant device, app, or service interface instead of burying it in support-only processes.
- Explain whether the action erases device-stored user data, removes personal data from associated services, deletes an app or account profile, or does more than one of these.
- Confirm the result in user-visible language, including any practical consequence such as logout, loss of remote services, or return to factory-default state.

Sources for this answer:

- [ETSI EN 303 645 V2.1.1, provisions 5.11-3 and 5.11-4](https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf?ref=sorena.io) - Source for clear deletion instructions and clear confirmation that personal data has been deleted from services, devices, and applications.
- [ETSI TS 103 701 V2.1.1, sample IXIT 25-DelFunc](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - The sample IXIT illustrates deletion-function evidence fields such as description, target type, initiation and interaction, and confirmation for device reset and online-profile removal examples.

## What evidence should teams keep for assessment?

ETSI TS 103 701 maps the deletion provisions to concrete IXIT entries. For 5.11-1, the required deletion-function evidence includes an ID, description, target type, and initiation and interaction. For 5.11-2, teams also need personal-data evidence that describes the personal data and processing activities, linked to the deletion functionality.

For 5.11-3 and 5.11-4, the evidence extends to user information: documentation of deletion, personal-data and deletion-function entries, and confirmation evidence. The useful evidence packet therefore joins three views: the personal data inventory, the deletion function, and the user-facing documentation or confirmation.

- Maintain a personal-data inventory that records what personal data is processed, the purpose, authorized parties, lifecycle, and processing activities where those fields apply.
- Maintain a deletion-function record for each deletion route, including the target type and the exact user interaction that initiates it.
- Retain screenshots, user documentation, or other visible evidence showing the deletion instructions and the confirmation shown after deletion.

Sources for this answer:

- [ETSI TS 103 701 V2.1.1, Annex B provision-to-IXIT mapping](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - Assessment mapping for provisions 5.11-1 through 5.11-4 and data-protection provisions, including IXIT 21-PersData, IXIT 25-DelFunc, and IXIT 2-UserInfo fields.
- [ETSI TS 103 701 V2.1.1, conformance assessment methodology](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - Defines the assessment methodology for consumer IoT devices, associated services, and relevant processes against ETSI EN 303 645, including ICS, IXIT, and external evidence concepts.

## Primary sources

- [ETSI EN 303 645 V2.1.1, clause 5.11](https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf?ref=sorena.io) - Primary ETSI source for user-data erasure from the device, personal-data removal from associated services, deletion instructions, confirmation, and the warning that factory reset is not always suitable.
  - Quote: "Make it easy for users to delete user data"
- [ETSI EN 303 645 V2.1.1, clause 6](https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf?ref=sorena.io) - Technical privacy provisions for consumer IoT, including transparency around personal data processing, consent where applicable, withdrawal capability, and telemetry minimization.
  - Quote: "Data protection provisions for consumer IoT"
- [ETSI TS 103 701 V2.1.1, deletion evidence mapping](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - Assessment source for IXIT evidence fields tied to deletion provisions, including personal-data records, deletion functionality, user information, and confirmation evidence.
  - Quote: "IXIT 25-DelFunc"

## Topic Guides

- [ETSI EN 303 645 Applicability and Scope](/artifacts/global/etsi-en-303-645/applicability-and-scope.md): Decide whether a connected product is in scope of ETSI EN 303 645, define the consumer IoT evidence boundary, and document N/A justifications for assessment.
- [ETSI EN 303 645 compliance: ICS, IXIT, evidence](/artifacts/global/etsi-en-303-645/compliance.md): Plan ETSI EN 303 645 compliance evidence for consumer IoT products with scope, ICS, IXIT, TS 103 701 assessment steps, verdict risks, and source-linked controls.
- [ETSI EN 303 645 consumer IoT products: what is in scope?](/artifacts/global/etsi-en-303-645/faq/iot-consumer-products.md): ETSI EN 303 645 FAQ on consumer IoT product scope: devices, associated services, constrained devices, out-of-scope industrial uses, ICS, IXIT, and TS 103 701 evidence.
- [ETSI EN 303 645 Current Version Tracker](/artifacts/global/etsi-en-303-645/current-version-tracker.md): Track ETSI EN 303 645 version evidence, ETSI deliverable status checks, TS 103 701 assessment alignment, and change triggers for consumer IoT security work.
- [ETSI EN 303 645 CVD Workflow for IoT Vulnerability Reports](/artifacts/global/etsi-en-303-645/vulnerability-disclosure-cvd-workflow.md): Source-linked workflow for ETSI EN 303 645 vulnerability disclosure: public policy contents, reporting contact, acknowledgement and status timelines, timely action, and TS 103 701 evidence.
- [ETSI EN 303 645 Data Protection Provisions](/artifacts/global/etsi-en-303-645/data-protection-provisions.md): source-linked guide to ETSI EN 303 645 data protection provisions for consumer IoT: personal data security, telemetry transparency, consent, and deletion evidence.
- [ETSI EN 303 645 default passwords: what must consumer IoT teams do?](/artifacts/global/etsi-en-303-645/faq/default-passwords.md): ETSI EN 303 645 default password guidance for consumer IoT: unique or user-defined passwords, pre-installed password generation, change mechanisms, brute-force controls, and TS 103 701 evidence.
- [ETSI EN 303 645 FAQ: Consumer IoT Security Questions](/artifacts/global/etsi-en-303-645/faq.md): source-linked answers to common ETSI EN 303 645 questions on consumer IoT scope, associated services, default passwords, updates, vulnerability disclosure, telemetry, deletion, and TS 103 701 evidence.
- [ETSI EN 303 645 ICS and IXIT Evidence Template](/artifacts/global/etsi-en-303-645/ics-and-ixit-evidence-template.md): Build a source-linked ICS and IXIT evidence template for ETSI EN 303 645 consumer IoT assessments, with clear separation between EN provisions and TS 103 701 test information.
- [ETSI EN 303 645 implementation checklist](/artifacts/global/etsi-en-303-645/implementation-checklist.md): Use this ETSI EN 303 645 implementation checklist to scope a consumer IoT product, record Annex B support statuses, map IXIT evidence, and avoid weak conformance claims.
- [ETSI EN 303 645 Implementation Evidence Guide](/artifacts/global/etsi-en-303-645/implementation-evidence.md): Build ETSI EN 303 645 implementation evidence from Annex B support/detail records, TS 103 701 ICS and IXIT inputs, test verdicts, and scoped external evidence.
- [ETSI EN 303 645 IoT Applicability Workflow](/artifacts/global/etsi-en-303-645/iot-applicability-workflow.md): Decide whether ETSI EN 303 645 applies to a consumer IoT product, what associated services belong in scope, and how to record justified non-applicability.
- [ETSI EN 303 645 requirements: consumer IoT provision map](/artifacts/global/etsi-en-303-645/requirements.md): Map ETSI EN 303 645 consumer IoT requirements to product scope, Annex B ICS entries, TS 103 701 evidence, and implementation owners.
- [ETSI EN 303 645 Secure Update Evidence Workflow](/artifacts/global/etsi-en-303-645/secure-update-evidence-workflow.md): Build secure-update evidence for ETSI EN 303 645 using provision 5.3, Annex B support/detail records, and TS 103 701 ICS, IXIT, and test-plan inputs.
- [ETSI EN 303 645 Secure Update Workflow](/artifacts/global/etsi-en-303-645/secure-update-workflow.md): Map ETSI EN 303 645 secure-update provisions into a practical workflow for consumer IoT update mechanisms, support-period disclosures, and TS 103 701 evidence.
- [ETSI EN 303 645 Secure Updates and Vulnerability Disclosure](/artifacts/global/etsi-en-303-645/secure-update-and-vulnerability-disclosure.md): source-linked guide to ETSI EN 303 645 clauses 5.2 and 5.3 for consumer IoT vulnerability disclosure, security updates, support periods, and TS 103 701 evidence.
- [ETSI EN 303 645 support period: what must consumer IoT teams publish?](/artifacts/global/etsi-en-303-645/faq/support-period.md): ETSI EN 303 645 support-period guidance for consumer IoT: defined security-update support periods, user-accessible publication, constrained-device replacement support, model designation, and TS 103 701 evidence.
- [ETSI EN 303 645 telemetry: what should consumer IoT teams evidence?](/artifacts/global/etsi-en-303-645/faq/telemetry.md): ETSI EN 303 645 telemetry guidance for consumer IoT teams: security anomaly examination, IXIT 24-TelData evidence, personal-data minimization, and consumer telemetry disclosures.
- [ETSI EN 303 645 test evidence: what should consumer IoT teams keep?](/artifacts/global/etsi-en-303-645/faq/test-evidence.md): ETSI EN 303 645 test evidence guidance for consumer IoT teams: ICS support claims, IXIT detail, TS 103 701 test plans, verdicts, and external evidence checks.
- [ETSI EN 303 645 vs EU CRA for Consumer IoT](/artifacts/global/etsi-en-303-645/etsi-en-303-645-vs-eu-cra.md): Use ETSI EN 303 645 and ETSI TS 103 701 evidence when preparing consumer IoT cybersecurity work that may also need a separate EU CRA legal mapping.
- [ETSI EN 303 645 vs RED Cybersecurity Delegated Act](/artifacts/global/etsi-en-303-645/etsi-en-303-645-vs-red-cybersecurity-delegated-act.md): Compare ETSI EN 303 645 consumer IoT security evidence with RED cybersecurity planning without treating the ETSI baseline as a substitute for RED legal scope.
- [ETSI EN 303 645 vs UK PSTI: Evidence Crosswalk](/artifacts/global/etsi-en-303-645/etsi-en-303-645-vs-uk-psti.md): Compare ETSI EN 303 645 evidence with UK PSTI review needs without assuming the same scope, legal trigger, or assurance route.
- [ETSI EN 303 645 vulnerability disclosure requirements for consumer IoT](/artifacts/global/etsi-en-303-645/faq/vulnerability-disclosure.md): What ETSI EN 303 645 requires for consumer IoT vulnerability disclosure policies, report handling, status updates, timely action, and TS 103 701 evidence.
- [ETSI TS 103 701 Test Evidence Workflow for EN 303 645](/artifacts/global/etsi-en-303-645/ts-103-701-test-evidence-workflow.md): Build an ETSI TS 103 701 test evidence workflow for EN 303 645 consumer IoT assessments: DUT identification, ICS, IXIT, test plans, verdicts, and external evidence.
- [How should teams handle constrained devices under ETSI EN 303 645 for consumer IoT products?](/artifacts/global/etsi-en-303-645/faq/constrained-devices.md): ETSI EN 303 645 constrained-device guidance: what counts as constrained, when non-applicability can be justified, and what evidence should support update and authentication decisions.

*Recommended next step*

*Placement: after practical guidance*

## Map ETSI EN 303 645 deletion paths to product evidence

Use this FAQ to connect each device, app, and associated-service deletion path to personal-data inventory entries, user instructions, confirmation evidence, and assessment-ready IXIT records.

- [Build the evidence map](/solutions/assessment.md): Turn device and service deletion paths into accountable controls, user-facing proof, and retained assessment evidence.
- [Check source fit](/solutions/research-copilot.md): Review whether a deletion claim is supported by ETSI EN 303 645, ETSI TS 103 701, or needs separate legal analysis.
- [Talk through implementation](/contact.md): Review deletion scope, associated services, confirmation evidence, and open privacy-law dependencies with Sorena.


---

[Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us)

(c) 2026 Sorena AB (559573-7338). All rights reserved.

Source: https://www.sorena.io/artifacts/global/etsi-en-303-645/faq/personal-data-deletion