The GDPR Erasure API permanently deletes all records associated with a specific customer across all data tables. This supports GDPR Article 17 (right to erasure). The deletion runs inside a single database transaction to ensure atomicity. Admin only.
Base path
Erase customer data
POST /api/v1/gdpr/erasure
Request body
| Field | Type | Required | Description |
|---|
customerId | string | Yes | The customer identifier to erase all data for. |
Example request
curl -X POST https://playground.kaireonai.com/api/v1/gdpr/erasure \
-H "Content-Type: application/json" \
-H "X-Tenant-Id: my-tenant" \
-H "X-User-Role: admin" \
-d '{ "customerId": "cust_12345" }'
Response 200
{
"success": true,
"customerId": "cust_12345",
"deletedCounts": {
"interactionHistory": 47,
"interactionSummary": 12,
"suppression": 3,
"decisionTrace": 8,
"attributionResult": 5
},
"totalDeleted": 75
}
Response fields
| Field | Type | Description |
|---|
success | boolean | Whether the erasure completed successfully. |
customerId | string | The customer ID that was erased. |
deletedCounts | object | Breakdown of deleted records per table. |
deletedCounts.interactionHistory | number | Interaction history records deleted. |
deletedCounts.interactionSummary | number | Aggregated interaction summary records deleted. |
deletedCounts.suppression | number | Active suppression records deleted. |
deletedCounts.decisionTrace | number | Decision trace (forensic audit) records deleted. |
deletedCounts.attributionResult | number | Attribution result records deleted. |
totalDeleted | number | Sum of all deleted records across all tables. |
Error codes
| Code | Reason |
|---|
400 | Missing or invalid customerId (must be a non-empty string). |
400 | Invalid JSON body. |
500 | Transaction failed — all deletions are rolled back. |
This operation is irreversible. All interaction history, summaries, suppressions, decision traces, and attribution results for the customer are permanently deleted. An audit log entry is created to record the erasure event.
Audit trail
Every erasure request is logged with:
- Action:
gdpr_erasure
- Entity type:
customer
- Entity ID: The erased customer ID
- Changes: The
deletedCounts breakdown
Data tables affected
| Table | What is deleted |
|---|
InteractionHistory | All recommendation, impression, click, and conversion events for the customer. |
InteractionSummary | Pre-aggregated performance summaries per offer/channel for the customer. |
Suppression | Active contact policy suppressions (frequency caps, cooldowns, etc.). |
DecisionTrace | Forensic traces of decision pipeline executions involving the customer. |
AttributionResult | Attribution results linking outcomes to recommendations for the customer. |
Data stored in custom schema tables (created via the Data module) is not automatically erased by this endpoint. If you store PII in custom schemas, you must handle deletion of those records separately.
Role requirements
| Method | Minimum role |
|---|
| POST | admin |
