Aug 27, 2021 11:09 AM - edited Aug 27, 2021 11:12 AM
The EU’s General Data Protection Regulation (GDPR) is a set of laws aimed at enhancing the protection of EU citizens’ personal data and increasing the obligations of organizations to deal with that data in transparent and secure ways. GDPR applies not only to EU-based businesses, but also to any business that controls or processes data of EU citizens.
Under the GDPR, contacts in your account have the right to request that you delete all of their personal data. When this happens, the GDPR requires that you permanently remove the contact record from your database, including email tracking history, call records, form submissions, and other engagement data and activity.
We are introducing two brand new endpoints to the CRM Contact Object API that will enable developers to perform GDPR compliant contact record deletions. Both endpoints will be introduced in public beta. HubSpot users have had the ability to perform GDPR compliant deletions in the UI for a while now so it's great to deliver feature parity between Hubspot’s UI and public APIs. You can read more about HubSpot’s GDPR readiness and features here.
The new endpoints are as follows:
Enables developers to permanently delete a contact by email address and all associated content to follow GDPR. If the contact isn't found, this action blacklists an email address from being used in the future.
Developers can permanently delete a contact by id and all associated content to follow GDPR guidelines.
What this means for developers:
Start testing out these new endpoints. Public beta is the perfect time to let us know what you think. We’ll be collecting and iterating quickly on your feedback, which could mean breaking changes. We don’t recommend using these endpoints in a production environment yet, but we’ll let you know through the developer changelog when the endpoints are ready to move out of public beta and into general availability.
Please let us know if you have any feedback questions or by replying below.