GDPR API logo

Delete customer personal data to fulfill GDPR erasure requests

Remove all of a customer's data, including feedback and Portal votes, with one authenticated API call.

Overview

The GDPR API deletes customer personal data from Productboard so you can fulfill right-to-erasure requests. A single request removes everything tied to a customer's email address. It's built for workspace admins, privacy and compliance teams, and developers automating data governance.

Delete all data for a customer

Send a DELETE request with the customer's email address and Productboard permanently removes the data associated with it, including their feedback on Insights boards and their Portal votes. Deletion typically completes within minutes and always within 24 hours. A deleted customer can be re-created with the same email address and vote again.

Build it into your compliance pipeline

Because the API is a single authenticated call, it slots into existing erasure workflows, whether you run a platform like OneTrust or your own scripts. Once wired in, Productboard is included automatically every time an erasure request comes through.

Setup

Workspace admins can generate a GDPR API token and start making requests. No other configuration is required.

  1. In Productboard, go to Workspace Settings → Integrations → Public API → GDPR Public API and click + to generate a token. This token is dedicated to the GDPR API, and requests made with the standard Public API token return a 401 error.
  2. Call DELETE https://api.productboard.com/v1/customers/delete_all_data?email=<email>.
  3. Authenticate each request with the header Private-Token: <your-gdpr-api-token>.

More integrations in this category