Personal Data Redaction

Many countries and states have data privacy laws that give individuals the right to request their personal data be forgotten/removed from business systems and sub-processors.

Personal Data Redaction is the process through which Spreedly allows merchants to redact personally identifiable data from payment methods and their associated transactions inside Spreedly systems.

Please note that Personal Data Redaction only removes data from Spreedly systems and not from payment gateways or other downstream systems such as fraud management tools. Data redaction on those systems must be requested directly through those parties.

Performing Personal Data Redaction

Personal Data Redaction can be requested when using the redact API for a given payment method.

When making an API request to redact a payment method, an optional boolean element remove_personal_data can be included to request that all personal data be redacted. Note that setting remove_personal_data:true will redact both payment data and personal data from the requested payment method and its associated transactions; multiple operations are not required to payment method data and personal data.

Depending on the number of transactions associated with the payment method, the redaction process may take longer to remove all data and as such response times may vary.

Please be aware that this is an unrecoverable operation. While the payment method and transaction will still exist post operation, once personal data redaction has occurred all payment data and personal data will no longer be available.

URL Parameters

Parameter Description
payment_method_token
required
The token of the payment method
format
required
One of json or xml

Request Body

Existing API properties remain unchanged. Example below is truncated only to illustrate new API properties for Personal Data Redaction. For additional examples and information, please review the Spreedly API Reference.

Element Description
transaction Root element
❯ remove_personal_data true if personally identifiable information should be removed from the payment method and its associated transactions

PUT /v1/payment_methods//redact. HTTPS/1.1

{
  "transaction": {
    "remove_personal_data": true
  }
}


Response Body

When a personal data redaction occurs, the response will include a transactions.personal_data_removal element with an errors array.

Existing API properties remain unchanged. Example below is truncated only to illustrate new API properties for Personal Data Redaction. For additional examples and information, please review the Spreedly API Reference.

Element Description
transaction Root element
❯ personal_data_removal Personal data redaction information as part of this transaction, if applicable.
❯❯ succeeded true if personal data successfully removed; false otherwise.
❯❯ errors If success is false, there will be associated error message(s) here. Array of { key: “key”, message: “message” } pairs.
❯❯❯ key Error code. Can be one of the following:
  • removal_failed
❯❯❯ message Verbose information on the error code. Can be one of the following:
  • Personal data removal was unsuccessful.

{
  
"transaction": {
    "token": "L46gdNQunedFoor9ySRJfgz7RAk",
    "created_at": "2020-02-11T20:49:32Z",
    "updated_at": "2020-02-11T20:49:32Z",
    "succeeded": true,
    "transaction_type": "RedactPaymentMethod",
    ...
    "payment_method": {
      "token": "VBVmxAmSDxmc7AjUGi7ViUf9avm",
      "created_at": "2020-02-11T20:49:32Z",
      "updated_at": "2020-02-11T20:49:32Z",
      ...
    },
    "personal_data_removal": {
      "succeeded": false,
      "errors": [
        {
          "key": "removal_failed"
          "message": "Personal data removal was unsuccessful."
        }
      ]
    }
  }
}

Error Handling

In the event of a failed transaction, please retry the redaction process again. For subsequent errors, please make note of the Spreedly payment method and contact Spreedly customer support.