Einstein GDPR Delete Usage

Commerce Einstein uses email addresses, user IDs, and cookie IDs to identify buyers and shoppers and deliver tailored customer experiences. Commerce Einstein uses these same values when locating and deleting customer data, or locating and rendering customer data anonymous.

When you post a sendGDPRDelete request, the API uses the provided idType object, coupled with the provided idValue object, to locate matching data in the Einstein engine. How the API treats found data depends on the type of data it locates, and how the data was originally obtained. For example, the API deletes any customer data uploaded using data feeds, and any site activity data associated with a specified ID. However, for internal data extracted through machine learning, the API makes the data anonymous by removing any association between internal IDs using the data, and customer IDs residing in the Einstein engine.

When deleting data, the API not only deletes rows of data where an ID is present, it also deletes data for any associated IDs. For example, when searching activity data or data feeds, if the API finds another ID associated with the ID you want to delete, the API also deletes data for that associated ID.

The Einstein GDPR Delete API request body supports two parameters for locating data. You must specify values for both parameters in the request body.

  • idType - Indicates the type of ID you want to use when identifying customer data. Options include:

    • emailId - Email address of the buyer or shopper.
    • userId - Unique identifier of a logged-in shopper (for example, a login_id, username, or userId value specific to the Einstein API). This value enables Einstein to link the same logged-in user across multiple devices.
    • cookieId - Unique identifier of an anonymous shopper. Typically, the cookieId is the value of the first-party cookie.
  • idValue - Specifies the value that you want to locate and delete, in the form of the idType you specify.

    When specifying an email value, ensure that it uses a valid format.

When the API successfully deletes data from the Einstein engine, the API returns 202 status response containing a deleteId value and a deleteStatusLink. Using this information from this response, you can view the status of a getGDPRDeleteStatus request in two different ways.

  • Include the deleteId value from your sendGDPRDelete request response in the getGDPRDeleteStatus request. For example:


    A successful response shows the status - PENDING or COMPLETE.

  • Use the URL provided as the deleteStatusLink to view the status – PENDING or COMPLETE.