Personal Data Erasure Requests
Erasure requests enable you to exercise the right, referred to in regulations such as GDPR, as the right to be forgotten or right to erase. Erasure requests allow you to wipe out personal data from Commerce in an automated way, including:
- All related resources (for example, addresses, customers, and so on.)
- Personal Data Logs
Erasure requests can be created for any data entry in the personal data set (see Personal Data Concept for details), and the result is the same.
Currently, it does not include flows or data external to Commerce.
Erasure requests are processed asynchronously. The POST requests return immediately, and processing continues in
the background. You can use the GET endpoint to poll for results until you see {..."status":"SUCCESS"...} in the
response body.
In the unlikely event an erasure request fails (if the status is not equal to SUCCESS), you are advised to retry
by creating another erasure request. If the problem persists, contact Support.
Currently, personal data management is only enabled for a limited set of endpoints. See the personal data concepts page for the list of endpoints that support personal data management.
Seller Admin & IT users have full access to Erasure Requests, and Support users have read access.
📄️ Create Personal Data Erasure Request
This request serves to create a new erasure request for a given resource ID and Type. All resources that belong to the same personal data set will be erased.
📄️ Get all Personal Data Erasure Request
Gets a list of erasure requests for a specific resource id and resource type.
📄️ Get Personal Data Erasure Request
This request serves to get an existing erasure request by its ID.