Compliance

The Compliance API covers multiple frameworks, including GDPR, CCPA, and LGPD. For GDPR, CCPA, and LGPD deletion requests, all identifiers associated with the same user as the requested identifier are added to our redaction pool. The customer record for that user is redacted and the redaction pool is used to remove identifying information from all new events and object updates. No past or future events are deleted or lost, and they remain associated with the redacted profile.

For CCPA opt-out requests (opting out of the sale of data), any profile associated with the requested identifier is flagged with a CCPA Opted-Out attribute which is acted upon in marketing situations or which can be accessed as part of a qualification (segment) or profile search.

Utilize the Consent API for managing a typical marketing based opt-outs, or the Lists API to manage list subscriptions. Utilize this API for compliance-based changes only.

post
Compliance Request

https://api.zaius.com/v3/compliance/{framework}/{type}
When delete is requested, for a given identifier, find all known associated identifiers, redact relevant profiles, stop new updates to user's profile, and don't send messages in the future to the user. When optout is requested, find the profile associated with the given identifier and indicate the CCPA Opted-Out status.
Request
Response
Request
Path Parameters
framework
required
string
the framework under which this request falls; accepted values are gdpr, ccpa, or lgpd
type
required
string
the type of request being processed; accepted values are delete or optout (optout only available for CCPA)
Body Parameters
requester
required
string
information about the requester of the opt-out for audit purposes
identifier_value
required
string
the value of the identifier to opt-out (e.g. customer@zaius.com)
identifier_field_name
required
string
the type of identifier that you are opting out (e.g. email)
Response
200: OK
{
"title": "Accepted",
"status": 202,
"timestamp": "2018-09-10T21:07:10-05:00"
}
400: Bad Request
{
"title": "Bad Request",
"status": 400,
"timestamp": "2018-09-10T21:07:10-05:00",
"detail": {
"invalids": []
}
}
403: Forbidden
{
"message": "Forbidden"
}
Example Payload
[{
"requester": "brand@example.com",
"identifier_field_name": "email",
"identifier_value": "customer@zaius.com"
},{
"requester": "brand@example.com",
"identifier_field_name": "email",
"identifier_value": "customer@zaius.com"
}]