The Ometria data anonymisation and deletion request API allow you to:
- Submit requests for individuals personal data to be anonymised
- Check status of anonymisation requests submitted via this API or inside the Ometria application
- Checking status of GDPR Data anonymisation request
Contents
Lifecycle of a GDPR Data anonymisation request
A data anonymisation request can be submitted either by a user of the Ometria application ("in app") or via API request.
Once a request is received it is processed within 14 days and any personal data associated with that individual's identity is removed or anonymised.
Rate limiting
The GDPR data anonymisation request is designed for GDPR related objections raised by individuals.
It is not designed for large scale data deletion. As a result, the API is rate limited to a maximum of six requests per minute
GDPR Methods
Create new GDPR data anonymisation request
Get details of specific GDPR related data anonymisation request
GDPR Objects
List GDPR related data anonymisation requests
Path
GET /data-deletion-requests
Description
Returns previously filed GDPR related data anonymisation requests and their status.
|
200 OK Array< DataDeletionRequest> |
An array of data anonymisation objects. |
|
403 Forbidden |
API key is not authorised to access this resource. |
Response Example (200 OK)
[
{
"action": "anonymise",
"comment": "Some comment",
"id": "a8c53a39-e0fc-462c-b5fa-907fe70a4174",
"identities": [
{
"hashed_email": "3af31748a10ef8bd28ce7620c25fe18d@anonymous.ometria"
}
],
"source": {
"api_request_id": "a8c53a39-e0fc-462c-b5fa-907fe70a4174",
"origin": "api",
"user": {
"email": "user@user.com",
"name": "A user"
}
},
"summary": "1 contact record anonymised, 15 events anonymise",
"timestamp_completed": "2017-02-04 10:18:12.833949+00",
"timestamp_created": "2017-02-02 10:18:12.833949+00"
}
]
Create new GDPR data anonymisation request
Path
POST /data-deletion-requests
Description
Create new or update an existing order
Request Body
|
The email address of the individual who had requested anonymisation |
Request Example
{
"action": "anonymise",
"comment": "Some comment",
"email_address": "someone@domain.com"
}
Response
|
200 OK DataDeletionRequest |
GDPR data anonymisation request object successfully created |
|
403 Forbidden |
API key is not authorised to access this resource |
Response Example (200 OK)
{
"action": "anonymise",
"comment": "Some comment",
"id": "a8c53a39-e0fc-462c-b5fa-907fe70a4174",
"identities": [
{
"hashed_email": "3af31748a10ef8bd28ce7620c25fe18d@anonymous.ometria"
}
],
"source": {
"api_request_id": "a8c53a39-e0fc-462c-b5fa-907fe70a4174",
"origin": "api",
"user": {
"email": "user@user.com",
"name": "A user"
}
},
"summary": "1 contact record anonymised, 15 events anonymise",
"timestamp_completed": "2017-02-04 10:18:12.833949+00",
"timestamp_created": "2017-02-02 10:18:12.833949+00"
}
Get details of specific GDPR related data anonymisation request
Path
GET /data-deletion-requests/{id}
Description
Returns details and status of GDPR related data anonymisation request by its ID.
Request Parameters
|
id |
The request ID |
|
type |
string |
|
in |
query |
Response
|
200 OK DataDeletionRequest |
A data anonymisation object. |
|
403 Forbidden |
API key is not authorised to access this resource. |
|
404 Not Found |
Data anonymisation request with specified ID was not found |
Response Example (200 OK)
{
"action": "anonymise",
"comment": "Some comment",
"id": "a8c53a39-e0fc-462c-b5fa-907fe70a4174",
"identities": [
{
"hashed_email": "3af31748a10ef8bd28ce7620c25fe18d@anonymous.ometria"
}
],
"source": {
"api_request_id": "a8c53a39-e0fc-462c-b5fa-907fe70a4174",
"origin": "api",
"user": {
"email": "user@user.com",
"name": "A user"
}
},
"summary": "1 contact record anonymised, 15 events anonymise",
"timestamp_completed": "2017-02-04 10:18:12.833949+00",
"timestamp_created": "2017-02-02 10:18:12.833949+00"
}
DataDeletionRequest: object
Describes a GDPR related data anonymisation request
|
Value |
Type |
Description |
Required |
|
id |
string |
The request ID |
|
|
comment |
string |
User supplied comment text included in the initial request |
|
|
timestamp_created |
string (date-time) |
Date and time of request being filed. Following ISO 8601 dateTime format with timezone offset YYYY-MM-DDThh:mm:ss+Z. |
|
|
timestamp_completed |
string (date-time) |
Date and time of request being processed. Following ISO 8601 dateTime format with timezone offset YYYY-MM-DDThh:mm:ss+Z. |
|
|
action |
string {anonymise} |
The action to take on this individual's data. The only supported value currently is "anonymise" |
|
|
summary |
string |
A textual summary of the records found and modified after processing. |
|
|
source |
object |
A summary of where the request originated, e.g. from with the application or via API. |
|
|
identities |
array |
A list of hashed email addresses that represent the identities of individuals processed in this request. |
Example
{
"action": "anonymise",
"comment": "Some comment",
"id": "a8c53a39-e0fc-462c-b5fa-907fe70a4174",
"identities": [
{
"hashed_email": "3af31748a10ef8bd28ce7620c25fe18d@anonymous.ometria"
}
],
"source": {
"api_request_id": "a8c53a39-e0fc-462c-b5fa-907fe70a4174",
"origin": "api",
"user": {
"email": "user@user.com",
"name": "A user"
}
},
"summary": "1 contact record anonymised, 15 events anonymise",
"timestamp_completed": "2017-02-04 10:18:12.833949+00",
"timestamp_created": "2017-02-02 10:18:12.833949+00"
}
DataDeletionSubmission: object
GDPR related data anonymisation request submission
|
Value |
Type |
Description |
Required |
|
email_address |
string |
Email address of individual who requested anonymisation |
Required |
|
comment |
string |
Optional user supplied comment text |
|
|
action |
string {anonymise} |
The action to take on this individual's data. The only supported value currently is "anonymise" |
Required |
Example
{
"action": "anonymise",
"comment": "Some comment",
"email_address": "someone@domain.com"
}
Comments
0 comments
Please sign in to leave a comment.