Personally Identifiable Information Removal

Modified on Tue, 06 Feb 2024 at 12:34 PM



In the course of your business, you may need to comply with CCPA and GDPR regulations.  ACME is here to help with right to be forgotten requests with our Personally Identifiable Information (PII) removal API.

For more information on such regulations, please refer to CCPA ( or Article 17 of GDPR (

This API call complies with these by removing:

First Name

Last Name


Phone number

From ACME transactions tables.

Because both of these calls require you to provide the PaymentKey they need to be made to ACME from your backend (as the PaymentKey is secret and needs to be protected).

Removing PII

To remove the PII associated with a transaction, simply make a call with referencing MID, previously assigned externalId and TransactionId.  Success will remove those fields from ACME's systems and any subsequent transaction GET calls will also return scrubbed data.

The flag dryRun can be used to test a call for successful response before execution.

curl -X PUT{mid}/gdpr -H 'Content-Type: application/json' -H 'x-acme-payment-key:  {api_key}' -d '{
"id" : "sale_xxxx-xxxx-xxxx",
"dryRun" : true
} }'


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article