Skip to main content
All CollectionsAPI Documentation
MaestroQA Data Deletion (GDPR) API
MaestroQA Data Deletion (GDPR) API
Robby Dunigan avatar
Written by Robby Dunigan
Updated over a week ago

Summary

MaestroQA provides an API for completing data deletion requests programmatically. This can be used to complete CCPA, GDPR, or other deletion requests and audit logs the completion of the requests. The audit log is exportable manually in the app as well as programmatically via the following API: MaestroQA API.

Note: There are two deletion processes, a fast deletion from the operational database and a daily async batch process that clears out any additional references to data. The initial confirmation refers to the operational database. To confirm completion of the async request, a second request must be made with the id returned from the initial confirmation. The response of that request will be either pending, completed, or error.

Authentication

The endpoint requires an API Key: a secret key controlling API access to your MaestroQA account. The key is passed in the headers as 'apitoken': 'YOUR_API_TOKEN'.

API Keys can be generated in MaestroQA. To manage API tokens, go to MaestroQA > Settings > Settings > “API Keys”. API tokens require rotation every 90 days by default, but rotation can be toggled off to enable a long lived token.

See MaestroQA API for details on Authentication.

Data deletion endpoint

DELETE request to delete all of an individual’s PII and associated information in MaestroQA.

DELETE => https://app.maestroqa.com/api/v1/data-deletion-request

Parameters in the request body

emails - string[]

Email(s) of the individual to delete the data of. Can be up to 5

auditLabel (optional) - string

Request ID, user alias or other string to push to the audit log for record keeping purposes

Returns (in addition to standard status codes - 200, 400, 404 etc)

confirmation - boolean - a confirmation boolean affirmatively confirming the completion of the request. This is for the operational table deletion.

id - id of the job for async bulk deletion

GET request to check status of deep delete all of an individual’s PII and associated information in MaestroQA.

GET => https://app.maestroqa.com/api/v1/data-deletion-check/:id

Returns (in addition to standard status codes - 200, 400, 404 etc)

status - string - pending, completed, not found, or errored

import requests

endpoint = 'https://app.maestroqa.com/api/v1/data-deletion-request'

headers = {

'Content-Type': 'application/json',

'apitoken': 'YOUR_API_TOKEN'

}

data = {

'apiToken': 'xxxyyyzzz',

'emails': [‘exampleuser@example.com’],

'auditLabel': 'User 3'

}

res = requests.delete(endpoint, json=data, headers=headers)

print(res.json())

# {'confirmation': True, ‘id’: ‘123’, ‘status’: ‘pending’}

id = res.json()[‘id’]

get_res requests.get(endpoint + ‘/’ + id, headers=headers)

print(get_res.json())

# {‘status’:’pending’}

Notes

- The endpoint’s request parameters, and response content, are JSON-encoded

Rate Limits

A given token has limits on how many times it can be used to make a request:

1 request per second

30 requests per minute

Did this answer your question?