We currently only need a social connection for login to acquire a session, then do not need long term storage of this user data in Auth0. I noticed this information is being stored for some duration of time after we’ve done the token validation after a Google authentication.
For GDPR, it’s best if we don’t store this information if we don’t need to. The User Profiles (https://auth0.com/docs/users/user-profiles) help docs refers to this as a “cache”. Does the user profile invalidate after some period of time? Is there a way to configure it to do so?