Closed beta: Data Protection Plus is in closed beta and is only available in select regions.
This flow to erase customer data is in alpha testing stage, available only for select clients. Do not share this documentation with people outside of your company. If you do not have access yet, please refer to the Erasing customer data guide instead.
This feature is part of VTEX Shield, meaning additional fees may apply.
If you are already a VTEX customer and want to adopt VTEX Shield for your business, please contact Commercial Support.
If you are not yet a customer but are interested in this solution, please complete our contact form.
According to data protection policies, such as GDPR and LGPD, companies using customer personal data are required to delete collected information upon the customer's request. Data Subject Rights API allows stores using the PII data architecture to erase user data collected by Checkout, Orders, VTEX ID and Profile System, without depending on the VTEX Support flow described in the Erasing customer data guide.
To begin the data erasing process, make a POST request to the Erase customer data endpoint from the Data Subject Rights API. This action deletes a given customer's data collected in your store by Checkout, Orders, VTEX ID and Profile System.
Only orders with
invoicedorcanceledstatus are erased in this request.
A successful response is 200 OK with Completed status, and all items in the applications array should have the Deleted status.
Request body example
_10{_10 "email": "john@mail.com"_10}
Response body example
_34{_34 "uuid": "3e2f53dc-b099-4dc8-9727-581b2a97f39c",_34 "requestType": "Removal",_34 "email": "john@mail.com",_34 "status": "Completed",_34 "dataResponse": "{\r\n \"VTEX Checkout\": [],\r\n \"orders\": {\r\n \"dataStatus\": {\r\n \"status\": \"anonymized\",\r\n \"reason\": \"Sensitive information was anonymized rather than deleted to preserve the store metrics.\",\r\n \"evidence\": \"Anonymized [0] orders\",\r\n \"dryRun\": true\r\n },\r\n \"orders\": []\r\n },\r\n \"Profile System PII API\": {},\r\n \"VTEX ID\": {\r\n \"type\": \"https://tools.ietf.org/html/rfc7231#section-6.5.4\",\r\n \"title\": \"Not Found\",\r\n \"status\": 404,\r\n \"traceId\": \"00-65d5abf9263b07eb185beee49e2075dc-b67b373e2e93dcf8-00\"\r\n }\r\n}",_34 "requestTime": "2023-09-05T17:19:33.1969022-03:00",_34 "applications": [_34 {_34 "application": "chk",_34 "status": "Deleted",_34 "errorDetail": "",_34 "updateAt": "2023-09-05T20:20:23"_34 },_34 {_34 "application": "orders",_34 "status": "Deleted",_34 "errorDetail": "",_34 "updateAt": "2023-09-05T20:20:25"_34 },_34 {_34 "application": "profileSystemV2",_34 "status": "Deleted",_34 "errorDetail": "",_34 "updateAt": "2023-09-05T20:20:26"_34 },_34 {_34 "application": "vid",_34 "status": "Deleted",_34 "errorDetail": "",_34 "updateAt": "2023-09-05T20:20:29"_34 }_34 ]_34}