{"title":"Data Protection API","category":"default","creationDate":1685554680,"content":"<p>Our Data Protection API allows you to process <a href=\"https:\/\/gdpr-info.eu\/art-17-gdpr\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Subject Erasure Requests<\/a> as mandated in General Data Protection Regulation (GDPR).<\/p>\n<p>Use our API to submit a request to delete a shopper's data, including payment details and other shopper-related information, for example, delivery address or shopper email.<\/p>\n<h2>Submit a Subject Erasure Request<\/h2>\n<ol>\n<li>\n<p>Send a POST <code>\/requestSubjectErasure<\/code> request, specifying:<\/p>\n<table>\n<thead>\n<tr>\n<th style=\"text-align: left;\">Parameter<\/th>\n<th style=\"text-align: center;\">Required<\/th>\n<th style=\"text-align: left;\">Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align: left;\"><code>merchantAccount<\/code><\/td>\n<td style=\"text-align: center;\"><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<td style=\"text-align: left;\">Your merchant account.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><code>pspReference<\/code><\/td>\n<td style=\"text-align: center;\"><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<td style=\"text-align: left;\">The PSP reference of the original payment authorisation. We will delete all shopper-related data for this payment.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><code>forceErasure<\/code><\/td>\n<td style=\"text-align: center;\"><\/td>\n<td style=\"text-align: left;\">Set this to <span translate=\"no\"><strong>true<\/strong><\/span> if you want to delete shopper-related data, even if the shopper has an existing recurring transaction. This only deletes the shopper-related data for the specific payment, but does not cancel the existing recurring transaction.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div data-component-wrapper=\"code-sample\">\n<code-sample :title=\"''\" :id=\"'1194239097'\" :code-data=\"[{&quot;language&quot;:&quot;bash&quot;,&quot;tabTitle&quot;:&quot;&quot;,&quot;content&quot;:&quot;curl https:\\\/\\\/ca-test.adyen.com\\\/ca\\\/services\\\/DataProtectionService\\\/v1\\\/requestSubjectErasure \\\\\\n-H 'x-api-key: ADYEN_API_KEY' \\\\\\n-H 'content-type: application\\\/json' \\\\\\n-d '{\\n  \\&quot;merchantAccount\\&quot;:\\&quot;YOUR_MERCHANT_ACCOUNT\\&quot;,\\n  \\&quot;pspReference\\&quot;:\\&quot;9915520502347613\\&quot;,\\n  \\&quot;forceErasure\\&quot;: true\\n}'&quot;}]\" :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<\/li>\n<li>\n<p>In the response, check the <code>result<\/code> value.<\/p>\n<pre><code class=\"language-json\">{\n  \"result\": \"SUCCESS\"\n}<\/code><\/pre>\n<p>Possible <code>result<\/code> values are:<\/p>\n<ul>\n<li><span translate=\"no\"><strong>SUCCESS<\/strong><\/span>: the request has been received, and will be processed asynchronously.<\/li>\n<li><span translate=\"no\"><strong>ACTIVE_RECURRING_TOKEN_EXISTS<\/strong><\/span>: data cannot be deleted because a recurring transaction is associated with the shopper's payment details. If you want to proceed with deleting shopper data, include <code>forceErasure<\/code>: <span translate=\"no\"><strong>true<\/strong><\/span> in your request.<\/li>\n<li><span translate=\"no\"><strong>PAYMENT_NOT_FOUND<\/strong><\/span>: the PSP reference doesn't exist.<\/li>\n<li><span translate=\"no\"><strong>ALREADY_PROCESSED<\/strong><\/span>: we have already received a request for the same PSP reference.<\/li>\n<\/ul>\n<p>After we receive your request, we will delete transaction data in accordance with the Merchant Agreement and redact shopper-related data from the <a href=\"https:\/\/ca-test.adyen.com\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Customer Area<\/a>.<\/p>\n<\/li>\n<li>\n<p>Optional. To verify that the data has been redacted, check the payment in your <a href=\"https:\/\/ca-test.adyen.com\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Customer Area<\/a>. The shopper data fields are shown as <em>REDACTED<\/em>, and the redaction date is shown in the <strong>Data Protection<\/strong> section.<\/p>\n<\/li>\n<\/ol>\n<div class=\"sc-notice info\"><div>\n<p>To switch to live, change the domain to <code>ca-<strong>live<\/strong>.adyen.com<\/code>.<\/p>\n<\/div><\/div>","url":"https:\/\/docs.adyen.com\/development-resources\/data-protection-api","articleFields":{"description":"Use our API to comply with GDPR's right to erasure mandate.","last_edit_on":"31-05-2023 19:51","feedback_component":true,"filters_component":false},"algolia":{"url":"https:\/\/docs.adyen.com\/development-resources\/data-protection-api","title":"Data Protection API","content":"Our Data Protection API allows you to process Subject Erasure Requests as mandated in General Data Protection Regulation (GDPR).\nUse our API to submit a request to delete a shopper's data, including payment details and other shopper-related information, for example, delivery address or shopper email.\nSubmit a Subject Erasure Request\n\n\nSend a POST \/requestSubjectErasure request, specifying:\n\n\n\nParameter\nRequired\nDescription\n\n\n\n\nmerchantAccount\n\nYour merchant account.\n\n\npspReference\n\nThe PSP reference of the original payment authorisation. We will delete all shopper-related data for this payment.\n\n\nforceErasure\n\nSet this to true if you want to delete shopper-related data, even if the shopper has an existing recurring transaction. This only deletes the shopper-related data for the specific payment, but does not cancel the existing recurring transaction.\n\n\n\n\n\n\n\n\nIn the response, check the result value.\n{\n  \"result\": \"SUCCESS\"\n}\nPossible result values are:\n\nSUCCESS: the request has been received, and will be processed asynchronously.\nACTIVE_RECURRING_TOKEN_EXISTS: data cannot be deleted because a recurring transaction is associated with the shopper's payment details. If you want to proceed with deleting shopper data, include forceErasure: true in your request.\nPAYMENT_NOT_FOUND: the PSP reference doesn't exist.\nALREADY_PROCESSED: we have already received a request for the same PSP reference.\n\nAfter we receive your request, we will delete transaction data in accordance with the Merchant Agreement and redact shopper-related data from the Customer Area.\n\n\nOptional. To verify that the data has been redacted, check the payment in your Customer Area. The shopper data fields are shown as REDACTED, and the redaction date is shown in the Data Protection section.\n\n\n\nTo switch to live, change the domain to ca-live.adyen.com.\n","type":"page","locale":"en","boost":18,"hierarchy":{"lvl0":"Home","lvl1":"Development resources","lvl2":"Data Protection API"},"hierarchy_url":{"lvl0":"https:\/\/docs.adyen.com\/","lvl1":"https:\/\/docs.adyen.com\/development-resources","lvl2":"\/development-resources\/data-protection-api"},"levels":3,"category":"Development Resources","category_color":"green","tags":["Protection"]}}