Deletion and Suppression

In keeping with Segment's commitment to support GDPR and future privacy regulations such as the CCPA, you can delete and suppress data about end users if you identify that user with a userId, should they revoke or alter their consent to data collection. For instance, if an end user in the EU invokes their Right to Object or Right to Erasure under the GDPR, you can use the following features in Segment to block ongoing data collection about the user, and delete all historical data across Segment’s systems, connected S3 buckets and Warehouses, and supported downstream partners.

Regulations enable you to issue a single request to delete and suppress data about a user by userId. All regulations are by default scoped to your Workspace and target all Sources within the Workspace. This way, you don't need to page over every Source within Segment to delete data about a user across all your users.

All deletion and suppression actions within Segment are asynchronous, and fall under the umbrella of what Segment calls "Regulations." Regulations are requests to Segment to impart control over your data flow. You can issue these requests with the Segment Public API using the endpoints below.

You can't replay data deleted through Regulations. For standard replay requests, Segment asks that you wait for deletions to complete and not submit any new deletion requests for the period of time that Segment replays data for you.

Migrate from the Config API

Deletion and Suppression got an overhaul in the Segment Public API. They’re now divided into Workspace, Source, and Cloud Source-related endpoints. The Public API simplifies these endpoints: the attributes input field is no longer required, and you can now pass an array of IDs to regulate (instead of a parent).

Create Cloud Source Regulation

Creates a Source-scoped regulation.

  Config API omitted fields:
  • attributes,
  • userAgent
Securitytoken
Request
path Parameters
sourceId
required
string [ 1 .. 255 ]
Example: qQEHquLrjRDN9j1ByrChyn
Request Body schema:
required
regulationType
required
string (regulationType)

The regulation type to create.

Enum: "DELETE_INTERNAL" "DELETE_ONLY" "SUPPRESS_ONLY" "SUPPRESS_WITH_DELETE" "SUPPRESS_WITH_DELETE_INTERNAL" "UNSUPPRESS"
subjectType
required
string (subjectType)

The subject type. Must be objectId for Cloud Sources.

Value: "OBJECT_ID"
subjectIds
required
Array of strings (subjectIds)

The list of userId or objectId values of the subjects to regulate.

Config API note: equal to parent but allows an array.

collection
required
string (collection)

The Cloud Source collection to regulate.

Responses
200

OK

404

Resource not found

422

Validation failure

429

Too many requests

post/regulations/cloudsources/{sourceId}
Request samples
{
  • "regulationType": "SUPPRESS_ONLY",
  • "subjectType": "OBJECT_ID",
  • "subjectIds": [
    ],
  • "collection": "some-app-collection"
}
Response samples
{
  • "data": {
    }
}

Create Source Regulation

Creates a Source-scoped regulation.

• When called, this endpoint may generate the Source Regulation Created event in the audit trail.

Config API omitted fields:

  • attributes,
  • userAgent
Securitytoken
Request
path Parameters
sourceId
required
string [ 1 .. 255 ]
Example: qQEHquLrjRDN9j1ByrChyn
Request Body schema:
required
regulationType
required
string (regulationType)

The regulation type to create.

Enum: "DELETE_ARCHIVE_ONLY" "DELETE_INTERNAL" "DELETE_ONLY" "SUPPRESS_ONLY" "SUPPRESS_WITH_DELETE" "SUPPRESS_WITH_DELETE_INTERNAL" "UNSUPPRESS"
subjectType
required
string (subjectType)

The subject type.

Enum: "ANONYMOUS_ID" "USER_ID"
subjectIds
required
Array of strings (subjectIds)

The list of userId or objectId values of the subjects to regulate.

Config API note: equal to parent but allows an array.

Responses
200

OK

404

Resource not found

422

Validation failure

429

Too many requests

post/regulations/sources/{sourceId}
Request samples
{
  • "regulationType": "SUPPRESS_ONLY",
  • "subjectType": "USER_ID",
  • "subjectIds": [
    ]
}
Response samples
{
  • "data": {
    }
}

List Regulations from Source

Lists all Source-scoped regulations.

Securitytoken
Request
path Parameters
sourceId
required
string [ 1 .. 255 ]
Example: qQEHquLrjRDN9j1ByrChyn
query Parameters
status
string (status)

The status on which to filter returned regulations.

This parameter exists in v1.

Enum: "FAILED" "FINISHED" "INITIALIZED" "INVALID" "NOT_SUPPORTED" "PARTIAL_SUCCESS" "RUNNING"
regulationTypes
Array of strings (regulationTypes)

The regulation types on which to filter returned regulations.

This parameter exists in v1.

Items Enum: "DELETE_INTERNAL" "DELETE_ONLY" "SUPPRESS_ONLY" "SUPPRESS_WITH_DELETE" "SUPPRESS_WITH_DELETE_INTERNAL" "UNSUPPRESS"
object (PaginationInput)

Pagination parameters.

This parameter exists in v1.

Example: pagination=pagination.count=2
Responses
200

OK

404

Resource not found

422

Validation failure

429

Too many requests

get/regulations/sources/{sourceId}
Request samples
import { configureApis, unwrap } from '@segment/public-api-sdk-typescript'

const api = configureApis('/* Insert your Public API token here */')

try {
  const result = await unwrap(api.deletionAndSuppression.listRegulationsFromSource('qQEHquLrjRDN9j1ByrChyn'))
  console.log(JSON.stringify(result))
} catch (e) {
  console.log('ERROR:', e)
}
Response samples
{
  • "data": {
    }
}

Create Workspace Regulation

Creates a Workspace-scoped regulation.

• When called, this endpoint may generate the Workspace Regulation Created event in the audit trail.

Config API omitted fields:

  • attributes,
  • userAgent
Securitytoken
Request
Request Body schema:
required
regulationType
required
string (regulationType)

The regulation type to create.

Enum: "DELETE_ARCHIVE_ONLY" "DELETE_INTERNAL" "DELETE_ONLY" "SUPPRESS_ONLY" "SUPPRESS_WITH_DELETE" "SUPPRESS_WITH_DELETE_INTERNAL" "UNSUPPRESS"
subjectType
required
string (subjectType)

The subject type. Use objectId for Cloud Source regulations.

Enum: "ANONYMOUS_ID" "OBJECT_ID" "USER_ID"
subjectIds
required
Array of strings (subjectIds)

The list of userId or objectId values of the subjects to regulate.

Config API note: equal to parent but allows an array.

Responses
200

OK

404

Resource not found

422

Validation failure

429

Too many requests

post/regulations
Request samples
{
  • "regulationType": "SUPPRESS_ONLY",
  • "subjectType": "USER_ID",
  • "subjectIds": [
    ]
}
Response samples
{
  • "data": {
    }
}

List Workspace Regulations

Lists all Workspace-scoped regulations.

Securitytoken
Request
query Parameters
status
string (status)

The status on which to filter the returned regulations.

This parameter exists in v1.

Enum: "FAILED" "FINISHED" "INITIALIZED" "INVALID" "NOT_SUPPORTED" "PARTIAL_SUCCESS" "RUNNING"
regulationTypes
Array of strings (regulationTypes)

The regulation types on which to filter returned regulations.

This parameter exists in v1.

Items Enum: "DELETE_ARCHIVE_ONLY" "DELETE_INTERNAL" "DELETE_ONLY" "SUPPRESS_ONLY" "SUPPRESS_WITH_DELETE" "SUPPRESS_WITH_DELETE_INTERNAL" "UNSUPPRESS"
object (PaginationInput)

Pagination parameters.

This parameter exists in v1.

Example: pagination=pagination.count=5
Responses
200

OK

404

Resource not found

422

Validation failure

429

Too many requests

get/regulations
Request samples
import { configureApis, unwrap } from '@segment/public-api-sdk-typescript'

const api = configureApis('/* Insert your Public API token here */')

try {
  const result = await unwrap(api.deletionAndSuppression.listWorkspaceRegulations())
  console.log(JSON.stringify(result))
} catch (e) {
  console.log('ERROR:', e)
}
Response samples
{
  • "data": {
    }
}

Delete Regulation

Deletes a regulation from the Workspace. The regulation must be in the initialized state to be deleted.

• When called, this endpoint may generate the Regulation Deleted event in the audit trail.

Securitytoken
Request
path Parameters
regulateId
required
string [ 1 .. 255 ]
Example: 1qJkfE1tpwvQcklImGksLN629wn
Responses
200

OK

404

Resource not found

422

Validation failure

429

Too many requests

delete/regulations/{regulateId}
Request samples
import { configureApis, unwrap } from '@segment/public-api-sdk-typescript'

const api = configureApis('/* Insert your Public API token here */')

try {
  const result = await unwrap(api.deletionAndSuppression.deleteRegulation('1qJkfE1tpwvQcklImGksLN629wn'))
  console.log(JSON.stringify(result))
} catch (e) {
  console.log('ERROR:', e)
}
Response samples
{
  • "data": {
    }
}

Get Regulation

Gets a regulation from the Workspace.

  Config API omitted fields:
  • parent
Securitytoken
Request
path Parameters
regulateId
required
string [ 1 .. 255 ]
Example: 1qJkfE1tpwvQcklImGksLN629wn
Responses
200

OK

404

Resource not found

422

Validation failure

429

Too many requests

get/regulations/{regulateId}
Request samples
import { configureApis, unwrap } from '@segment/public-api-sdk-typescript'

const api = configureApis('/* Insert your Public API token here */')

try {
  const result = await unwrap(api.deletionAndSuppression.getRegulation('1qJkfE1tpwvQcklImGksLN629wn'))
  console.log(JSON.stringify(result))
} catch (e) {
  console.log('ERROR:', e)
}
Response samples
{
  • "data": {
    }
}

List Suppressions

Lists all suppressions in a given Workspace.

Securitytoken
Request
query Parameters
object (PaginationInput)

Pagination parameters.

This parameter exists in v1.

Example: pagination=pagination.count=5
Responses
200

OK

404

Resource not found

422

Validation failure

429

Too many requests

get/suppressions
Request samples
import { configureApis, unwrap } from '@segment/public-api-sdk-typescript'

const api = configureApis('/* Insert your Public API token here */')

try {
  const result = await unwrap(api.deletionAndSuppression.listSuppressions())
  console.log(JSON.stringify(result))
} catch (e) {
  console.log('ERROR:', e)
}
Response samples
{
  • "data": {
    }
}