The Compliance API covers multiple frameworks, including GDPR, CCPA, and LGPD. For GDPR, CCPA, and LGPD deletion requests, all identifiers associated with the same user as the requested identifier are added to Optimizely Data Platform's (ODP's) redaction pool. The customer record for that user is redacted and the redaction pool is used to remove identifying information from all new events and object updates. No past or future events are deleted or lost, and they remain associated with the redacted profile.
For CCPA opt-out requests (opting out of the sale of data), any profile associated with the requested identifier is flagged with a CCPA opted-out attribute. This is acted upon in marketing situations and can be accessed as part of a qualification (segment) or profile search.
Warning
Use this API for compliance-based changes only.
If you are trying to remove users from a list or a specific channel, or globally revoke marketing consent, do not use this API.
- Use the Consent API for managing typical marketing-based opt outs.
- Use the Lists API to manage list subscriptions.