Create a test accountSign in to DashboardSystem status
Search…
Digital River API
Getting started
Integration options
Prebuilt Checkout
Direct Integrations
Connectors
Order management
Order basics
Fulfilling goods and services
Capturing and cancelling charges
Handling reversals
Responding to events
Files and file links
Payments
Payment solutions
Supported payment methods
Source basics
PSD2 and SCA
Product management
Product basics
Managing SKUs
Using product details
Grouping SKUs
SKU-inventory item pairs
Managing inventory items
Regulatory fees
Customer management
Customer basics
Creating and updating customers
Setting up tax exemptions
Recording a customer's request to be forgotten
Financial reporting
Financials basics
Sales transactions
Sales summaries
Payouts
Developer resources
Postman collection
Testing scenarios
API structure
Best practices
Standards and certifications
Rate Limiting
Commerce infrastructure
administration
Create test account
Sign in
Dashboard
General Resources
Digital River API reference
DigitalRiver.js reference
Release notes
Versioning
Glossary
Powered By GitBook
Recording a customer's request to be forgotten
Learn how to record a customer's request to be forgotten.
You must establish a process to allow a customer to request to be forgotten where required by EU law. Digital River will remove a customer's information in accordance with our data deletion process if you initiate a request to be forgotten on behalf of your customer.
The requestToBeForgotten is a boolean parameter that indicates whether or not a customer asked to be forgotten.
When a customer asks to be forgotten, Digital River logs the request to remove personally identifiable information (PII) from our system. PII is any information that someone could use to uniquely identify, contact, or locate an individual.
If you receive a request to be forgotten from a customer, you can programmatically set requestToBeForgotten to true on the Customer resource. If you receive a request to be forgotten from a guest user who has placed an order and for whom you have not created a Customer resource, you can set requestToBeForgottento true on the Order resource.
See https://www.digitalriver.com/corporate-policies for more information on Digital River Privacy Policy.
You choose to record a customer's request to be forgotten from the Dashboard or programmatically.

Example record request from the Dashboard

To record the customer's request to be forgotten from the Dashboard.
  1. 1.
    Sign in to the Dashboard.
  2. 2.
    Click All orders.
  3. 3.
    Click an identifier link under the ID column.
  4. 4.
    Under Customer, click the Request removal of personal information link.
  5. 5.
    Click Confirm.
  6. 6.
    ​Send an email to the customer to confirm the change.

Example record request and response

Update a Customer object for a specific customer that sets the requestToBeForgotten parameter to true with a POST request.
cURL
curl https://api.digitalriver.com/customers/5823594808 \
-u sk_test_db9682a2-b04a-4e94-8e11-35fe8ec0b324: \
-d requestToBeForgotten=true
A 200 OK response returns a Customer object:
JSON
{
"name": "John Smith",
"phone": "952-111-1111",
"email": "[email protected]",
"organization": "Digital River"
},
"defaultSourceId": "src_fd74a5c5-0163-469a-ae8e-031f0259b576",
"requestToBeForgotten": true,
"enabled": true
}
Digital River will send a webhook to you that indicates we received the customer's request to be forgotten. When you receive the customer.updated webhook with this change, send an email to the customer to confirm the change.

Example email

You can use the following text as a template when you send an email to a customer stating that you received and processed their request. Replace the variables with the appropriate information.
Plain Text
Subject: <%YOUR_SITE_NAME%> - Request for personal data removal has been received
​
Dear <%CUSTOMER_NAME%>,
​
Thank you for contacting <%YOUR_SITE_NAME%>. We have received your request to remove your personal data from our records.
​
E-commerce services are provided by Digital River. Your personal information will be removed once legal and business obligations for retention of this data have been satisfied. For questions regarding this request, please refer to Digital River’s Privacy Policy: https://www.digitalriver.com/corporate-policies.
​
Please note: This email message was sent from a notification-only address that cannot accept incoming emails. Please do not reply to this message.
​
Sincerely,
<%YOUR_SITE_NAME%> Customer Service
<%YOUR_CUST_SERVICE_URL%>
Customer management - Previous
Setting up tax exemptions
Next - Financial reporting
Financials basics
Last modified 3mo ago
Export as PDF
Copy link
Outline
Example record request from the Dashboard
Example record request and response
Example email