GDPR Data Anonymization API

Search and anonymize personal data to comply with GDPR data deletion requests.

Endpoint

POST /api/v1/gdpr/search-and-anonymise

Authentication

Requires bearer token authentication. See Authentication.

Request Format

Headers

Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Request Body

At least one of email or phoneNumber must be provided.

{
  email?: string | null;
  phoneNumber?: string | null;
}

Response Format

Success Response

{
  "success": true,
  "anonymisedRecords": {
    "formSubmissions": 5,
    "digitisationSubmissions": 2,
    "canvassingSubmissions": 8,
    "phoneCallTasks": 3
  }
}

HTTP Status: 200 OK

The response includes the count of anonymized records by type:

  • formSubmissions: Form submissions (API submissions, web forms)
  • digitisationSubmissions: Document digitization entries
  • canvassingSubmissions: Door-to-door canvassing records
  • phoneCallTasks: Phone campaign call records

Error Response

{
  "error": "ValidationError",
  "message": "At least one of email or phoneNumber must be provided"
}

HTTP Status: 400 Bad Request

Behavior

When a GDPR anonymization request is processed:

  1. The system searches all records matching the provided email or phone number
  2. Personally identifiable information (PII) is permanently removed from the matching records
  3. The system returns counts of anonymized records by type
  4. This operation is irreversible

What Gets Anonymized

The following personally identifiable information (PII) is removed from records:

  • First name and last name
  • Email addresses
  • Phone numbers
  • Street addresses
  • City, state, and postal codes
  • Any other PII fields

What Is Preserved

  • Record structure (for analytics)
  • Timestamps
  • Consent status (for compliance tracking)
  • Non-PII custom fields

Examples

Anonymize by Email

curl -X POST https://api.statelessapp.com/api/v1/gdpr/search-and-anonymise \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com"
  }'

Response:

{
  "success": true,
  "anonymisedRecords": {
    "formSubmissions": 12,
    "digitisationSubmissions": 0,
    "canvassingSubmissions": 3,
    "phoneCallTasks": 0
  }
}

Anonymize by Phone Number

curl -X POST https://api.statelessapp.com/api/v1/gdpr/search-and-anonymise \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "phoneNumber": "+15551234567"
  }'

Anonymize by Both

curl -X POST https://api.statelessapp.com/api/v1/gdpr/search-and-anonymise \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "phoneNumber": "+15551234567"
  }'

TypeScript Types

import type {
  IDataManagementApiGdprSearchAndAnonymiseRequest,
  IDataManagementApiGdprSearchAndAnonymiseResponse
} from '@stateless/api';

// Request: at least one of email or phoneNumber must be non-null.
const request: IDataManagementApiGdprSearchAndAnonymiseRequest = {
  email: "user@example.com",
  phoneNumber: null
};

// Response: per-type counts of the records that were anonymised.
const response: IDataManagementApiGdprSearchAndAnonymiseResponse = {
  success: true,
  anonymisedRecords: {
    formSubmissions: 5,
    digitisationSubmissions: 0,
    canvassingSubmissions: 2,
    phoneCallTasks: 1
  }
};

Use Cases

  • GDPR Right to Erasure: Comply with Article 17 data deletion requests
  • Automated Compliance: Integrate with GDPR request management systems
  • Data Minimization: Proactively anonymize inactive user data
  • Privacy by Design: Implement data retention policies

Important Warnings

Irreversible Operation

This operation permanently anonymizes data and cannot be undone. Always verify the correct email/phone number before executing.

Testing

Test thoroughly in the development environment before using in production. Ensure your processes correctly identify the data to be anonymized.

Best Practices

  1. Verify Identity: Confirm the identity of the person making the GDPR request before processing
  2. Log Requests: Maintain audit logs of all anonymization requests
  3. Test First: Always test with the development environment before production
  4. Manual Review: Consider manual review for high-volume or sensitive anonymization requests
  5. Backup Strategy: Ensure you have appropriate backup and recovery procedures

Notes

  • Phone numbers should be in E.164 format (e.g., +15551234567)
  • The endpoint is idempotent - running the same request multiple times has no additional effect after the first execution
  • Anonymization actions are logged for compliance auditing
  • Processing is synchronous for small datasets; large datasets may take several seconds
  • Consider implementing rate limiting on your side to prevent accidental bulk anonymization
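The following is an added example, not code from the Stateless API or its documentation: a small TypeScript client that enforces the request rules above (at least one identifier, E.164 phone numbers) before calling the irreversible endpoint, maps the 200/400 responses to a typed result or error, and totals the per-type counts. The FetchLike type and all function names are assumptions; only the endpoint path, headers and request/response shapes come from the page.

```typescript
// Added example client for POST /api/v1/gdpr/search-and-anonymise (not the vendor's code).
interface AnonymiseRequest { email?: string | null; phoneNumber?: string | null }
interface AnonymisedRecords {
  formSubmissions: number; digitisationSubmissions: number;
  canvassingSubmissions: number; phoneCallTasks: number;
}
interface AnonymiseResponse { success: boolean; anonymisedRecords: AnonymisedRecords }

// E.164: a leading "+" then 2..15 digits, no spaces or punctuation (e.g. +15551234567).
const E164 = /^\+[1-9]\d{1,14}$/;

// Client-side mirror of the server's ValidationError rule plus the E.164 note, so a
// malformed request is rejected before it reaches an operation that cannot be undone.
function validateRequest(req: AnonymiseRequest): string | null {
  if (!req.email && !req.phoneNumber) return "At least one of email or phoneNumber must be provided";
  if (req.phoneNumber && !E164.test(req.phoneNumber)) return "phoneNumber must be in E.164 format";
  return null;
}

// Maps HTTP status + decoded body to a typed response, or throws with the API's error fields.
function parseResponse(status: number, body: unknown): AnonymiseResponse {
  const b = body as { error?: string; message?: string; success?: boolean; anonymisedRecords?: AnonymisedRecords };
  if (status !== 200 || !b.success || !b.anonymisedRecords) {
    throw new Error(`HTTP ${status}: ${b.error ?? "UnknownError"}: ${b.message ?? "no message"}`);
  }
  return { success: true, anonymisedRecords: b.anonymisedRecords };
}

// Total across all record types, useful for the audit log entry the Best Practices ask for.
function totalAnonymised(r: AnonymisedRecords): number {
  return r.formSubmissions + r.digitisationSubmissions + r.canvassingSubmissions + r.phoneCallTasks;
}

// Minimal fetch signature (assumption) so the call can be exercised offline with a stub.
type FetchLike = (url: string, init: { method: string; headers: Record<string, string>; body: string })
  => Promise<{ status: number; json(): Promise<unknown> }>;

async function searchAndAnonymise(req: AnonymiseRequest, apiKey: string, fetchImpl: FetchLike,
  baseUrl = "https://api.statelessapp.com"): Promise<AnonymiseResponse> {
  const problem = validateRequest(req);
  if (problem) throw new Error(problem); // fail closed: no network call on a bad request
  const res = await fetchImpl(`${baseUrl}/api/v1/gdpr/search-and-anonymise`, {
    method: "POST",
    headers: { Authorization: `Bearer ${apiKey}`, "Content-Type": "application/json" },
    body: JSON.stringify(req),
  });
  return parseResponse(res.status, await res.json());
}
```

Pass the real `fetch` as `fetchImpl` in production; the stub pattern lets the wrapper be tested in the development environment without touching live records.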