Data access
For access requests, specify “Commerce (Personalization)” from the UI (or commerceMarketingData
as a product code in the API).
Data deletion
For deletion requests, Privacy Service deletes Commerce data stored in Commerce SaaS services for marketing purposes, meaning profiles and orders of data subjects are no longer sent to Adobe marketing applications for use in campaigns and customer journeys. However, Privacy Service does not delete data in the Commerce application, as it might be required for merchant transactional needs. Merchants are responsible for any data deletion/access requests in the Commerce application. See Shared responsibility security and operational model to learn more.
Commerce will notify merchants about deletion requests by sending them information for data subjects requesting deletion of certain data.
How to Create Access and Delete Requests
Prerequisites
To make requests to access and delete data for Adobe Commerce, you must have:
- an IMS Org ID
- an Identity identifier of the person you want to act on and the corresponding namespace(s). For more information about identity namespaces in Adobe Commerce and Experience Platform, see the identity namespace overview.
GDPR Request/delete access example:
For access requests, specify “Commerce (Personalization)” from the UI (or “commerceMarketingData” as a product code in the API).
For delete requests, make sure that the “Commerce (Personalization)” checkbox is enabled. Additionally, if customer profile and order data has already been sent from Commerce to Adobe Experience Platform, you must submit delete requests to the following downstream services.
- Profile (product code: “profileService”)
- AEP Data Lake (product code: “AdobeCloudPlatform”)
- Identity (product code: “identity”)
To send access and delete requests through the Privacy API, you must authenticate and manage permissions for Privacy Service:
Required headers
curl --location --request POST 'https://platform.adobe.io/data/core/privacy/jobs' \
--header 'Content-Type: application/json' \
--header 'x-api-key: {{CLIENT_ID}}' \
--header 'x-gw-ims-org-id: {{IMS_ORGID}}' \
--header 'Authorization: Bearer {{ACCESS_TOKEN}}' \
Request
{
"companyContexts": [
{
"namespace": "imsOrgID",
"value": "{{IMS_ORGID}}"
}
],
"users": [
{
"key": "sampleUserKey1",
"action": ["access"],
"userIDs": [
{
"namespace": "email",
"value": "dsmith@sample.com",
"type": "standard"
}
]
},
{
"key": "sampleUserKey2",
"action": ["access","delete"],
"userIDs": [
{
"namespace": "email",
"value": "ajones@sample.com",
"type": "standard"
}
]
}
],
"include": ["commerceMarketingData"],
"expandIds": false,
"priority": "normal",
"regulation": "gdpr"
}
Response
{
"requestId": "17284033173196154RX-223",
"totalRecords": 3,
"jobs": [
{
"jobId": "a52ca032-858e-11ef-bbb4-27391388a0a6",
"customer": {
"user": {
"key": "sampleUserKey1",
"action": [
"access"
],
"userIDs": [
{
"namespace": "email",
"value": "dsmith@sample.com",
"type": "standard",
"namespaceId": 6,
"isDeletedClientSide": false
}
]
}
}
},
{
"jobId": "a52ca034-858e-11ef-bbb4-d5d952d69769",
"customer": {
"user": {
"key": "sampleUserKey2",
"action": [
"delete"
],
"userIDs": [
{
"namespace": "email",
"value": "ajones@sample.com",
"type": "standard",
"namespaceId": 6,
"isDeletedClientSide": false
}
]
}
}
},
{
"jobId": "a52ca033-858e-11ef-bbb4-8361a5022341",
"customer": {
"user": {
"key": "sampleUserKey2",
"action": [
"access"
],
"userIDs": [
{
"namespace": "email",
"value": "ajones@sample.com",
"type": "standard",
"namespaceId": 6,
"isDeletedClientSide": false
}
]
}
}
}
]
}