Under GDPR your customers enjoy a number of rights including the right to erasure or deletion. In this article we will explain how Xtremepush can assist you in being compliant in regard to this right.
Background
The right of erasure is not an absolute right to be forgotten. Individuals have a right to be forgotten and the data to be erased in certain circumstances. For example, a customer’s data should be erased when:
-
The personal data is no longer required in connection with the reason for which it was originally collected
-
The individual withdraws consent to the data being held
-
Where an individual objects to processing and there is no overriding legitimate reason for holding the data
-
The personal data was unlawfully processed or it has to be erased to comply with a legal obligation
The request for erasure can be refused if the data needs to be retained to comply with a legal obligation or to exercise defence of legal claims. For example, when the data of a closed customer must be kept for a time period at the request of the national authorities then the data can be kept for that period.
Data retention periods and legal grounds for processing should be established and documented ready for inclusion in privacy notices. So, if personal data is retained for a certain period of time after a customer’s account is closed, this should be included in the privacy notice made available to the customer.
Servicing a Request for Erasure
If you have to process a request from a customer to erase their data and that requires erasing their data on xtremepush then you can.
If you are not familiar with where user profile data can be found on the platform first read our user profile data guide to familiarise yourself with this part of the platform in the docs here:
To erase customer data navigate to App Data > User Profiles and use the search fields to find the user who has made the request using a Customer ID or email.
Once you have found the user record double check the data to ensure you have the correct user record.
Once you have confirmed you have the correct user then click the delete user icon (far right) to erase that users personal data from the system. Confirm that you want to continue to begin erasure.
The confirmation message explains what will be deleted:
WARNING: CLICKING OK WILL DELETE ALL PERSONAL DATA FROM THIS PROFILE AND
IT WILL NO LONGER BE USABLE FOR CUSTOMER MARKETING. DATA REMOVED INCLUDES:
-User ID, Email, Mobile Number
- Device ID, ADID, IDFA, GA ID
- All Custom Profile Attributes
- All Custom Device Attributes
- Historic Custom Attribute Values
- Last Devices Coordinates
- Attribution Events
- All User data from message history (Email, Names, etc)
ONLY CLICK OK IF YOU ARE SURE YOU WANT TO CONTINUE
When the erasure task is complete you will receive confirmation.
Can't see profiles?
Profile data is only visible for those authorised to access the App Data section. Most day to day activity does not require access to user profiles. Access to rectify data is reserved for certain user roles. All accounts come with multi-user access and the person(s) in your organisation responsible for administration of user access will be able to provide appropriate user access to users who need to have access to service customer data requests. For help with user access please contact your Administrator first and if you need further help submit a support ticket.
Automating Erasure
In some cases it may be necessary to automate the erasure of customer data fro example if you want to be able to say that all customer data has been deleted when the delete their account you may need to delete their data on xtremepush at the same time it is being deleted on you system to support automated erasure we have added APIs that will delete customer as per the manual approach above. Details on these APIs in the next section.
For a general introduction to the Xtremepush APIs please review:
Erasure APIs
delete-personal-data
Used to delete all personal data for a user and devices of that user based on their user id.
URL
api/external/delete-personal-data
Parameters
| Parameter | Description |
|---|---|
| apptoken | Your App token |
| user_id | The id of the user you are trying to delete |
Example
Delete a user using their user id
URL: https://external-api.xtremepush.com/api/external/delete-personal-data
POST_DATA: {
"apptoken": "APPTOKEN",
"user_id": "USER_ID"
}
If successful will give a 200 response
{
“code”: 200,
“success”: true
}
If the user does not exist or has already been deleted then it will return 404
{
“code”: 404,
“message”: “Not Found”,
“success”: false
}
delete-device-personal-data
For projects where you have different User ID and Device External ID values. This can also be used to delete personal data from a device in the case where the device doesn't have a User ID.
URL
api/external/delete-device-personal-data
Parameters
| Parameter | Description |
|---|---|
| apptoken | Your App token |
| external_id | The id of the device from which you are trying to delete personal data |
Example
Delete a user using their external id
URL: https://external-api.xtremepush.com/api/external/delete-device-personal-data
POST_DATA: {
"apptoken": "APPTOKEN",
"external_id": "EXTERNAL_ID"
}
If successful will give a 200 response
{
“code”: 200,
“success”: true
}
If the user does not exist or has already been deleted then it will return 404
{
“code”: 404,
“message”: “Not Found”,
“success”: false
}
Comments
0 comments
Article is closed for comments.