How to separate a person's identity from his personal data?

Question

I\'m writing an app which main purpose is to keep list of users purchases.

I would like to ensure that even I as a developer (or anyone with full access to the database)

Answer 1

It seems like you're right on track with this, but you're just over thinking it (or I simply don't understand it)

Write a function that builds a new string based on the input (which will be their username or something else that cant change overtime)

Use the returned string as a salt when building the user hash (again I would use the userID or username as an input for the hash builder because they wont change like the users' password or email)

Associate all user actions with the user hash.

No one with only database access can determine what the hell the user hashes mean. Even an attempt at brute forcing it by trying different seed, salt combinations will end up useless because the salt is determined as a variant of the username.

I think you've answered you own question with your initial post.