|
2 | 2 | title: "User Deletion and Suppression" |
3 | 3 | --- |
4 | 4 |
|
5 | | -In keeping with our commitment to GDPR and CCPA readiness, Segment offers the ability to delete and suppress data about end-users when they can be identified by a `userId`, should they revoke or alter their consent to data collection. For example, if an end-user invokes their Right to Object or Right to Erasure under the GDPR or CCPA, you can use these features to block ongoing data collection about that user and, additionally, to delete all historical data about them from Segment's systems, connected S3 buckets and warehouses, and supported downstream partners. |
| 5 | +In keeping with Segment's commitment to GDPR and CCPA readiness, Segment offers the ability to delete and suppress data about end-users when they are identifiable by a `userId`, should they revoke or alter consent to data collection. For example, if an end-user invokes the Right to Object or Right to Erasure under the GDPR or CCPA, you can use these features to block ongoing data collection about that user and delete all historical data about them from Segment's systems, connected S3 buckets and warehouses, and supported downstream partners. |
6 | 6 |
|
7 | | -[Contact us](https://segment.com/help/contact/) if you need to process more than 100,000 users within a 30 day period. |
| 7 | +[Contact Support](https://segment.com/help/contact/) if you need to process more than 100,000 users within a 30 day period. |
8 | 8 |
|
9 | | -**NOTE (Business Plan Customers):** If you use this feature to delete data, you can not Replay the deleted data. For standard Replay requests, you must wait for any pending deletions to complete, and you cannot submit new deletion requests for the period of time that we replay data for you. |
| 9 | +> info "Business Plan Customers)" |
| 10 | +> If you use this feature to delete data, you can not Replay the deleted data. For standard Replay requests, you must wait for any pending deletions to complete, and you cannot submit new deletion requests for the period of time that Segment replays data for you. |
10 | 11 |
|
11 | | -**NOTE:** The legacy GraphQL APIs for user deletion and suppression are deprecated. Instead, use the [Segment Config APIs](https://reference.segmentapis.com/?version=latest#57a69434-76cc-43cc-a547-98c319182247) to interact with our User Deletion and Suppression system. |
| 12 | +> info "" |
| 13 | +> The legacy GraphQL APIs for user deletion and suppression are deprecated. Instead, use the [Segment Config APIs](https://reference.segmentapis.com/?version=latest#57a69434-76cc-43cc-a547-98c319182247) to interact with the User Deletion and Suppression system. |
12 | 14 |
|
13 | 15 | ## Overview |
14 | 16 |
|
15 | | -All deletion and suppression actions in Segment are asynchronous, and are categorized as what we call "Regulations." **Regulations** are requests to Segment to control your data flow. They can be issued from your Segment Workspace Settings page under **End User Privacy.** |
| 17 | +All deletion and suppression actions in Segment are asynchronous, and categorized as Regulations.Regulations are requests to Segment to control your data flow. You can issue Regulations from your Segment Workspace, in Settings > End User Privacy |
16 | 18 |
|
17 | | - |
| 19 | +With Regulations, you can issue a single request to delete and suppress data about a user by `userId`. Segment scopes Regulations to your workspace, and targets all sources within the workspace. |
18 | 20 |
|
19 | | -With Regulations you can issue a single request to delete and suppress data about a user by `userId`. All regulations are scoped to your workspace, and target all sources within the workspace. This way, you don't need to look at every source in Segment to delete data about a single user. |
| 21 | +The three types of Regulation are: |
20 | 22 |
|
21 | | -There are currently three valid regulation types: |
22 | | - |
23 | | - - **SUPPRESS** |
24 | | - - **UNSUPPRESS** |
25 | | - - **SUPPRESS\_AND\_DELETE** |
| 23 | + - SUPPRESS |
| 24 | + - UNSUPPRESS |
| 25 | + - SUPPRESS\_AND\_DELETE |
26 | 26 |
|
27 | 27 | ## Suppression Support and the Right to Revoke Consent |
28 | 28 |
|
29 | | -`SUPPRESS` regulations add a user to your suppression list by their `userId`. Suppressed users are blocked across all sources; any message you send to Segment with a suppressed userId is blocked at our API. These messages do not appear in the debugger, are not saved in our archives and systems, and are not sent to any downstream server-side destinations. Suppression does not affect device-mode destinations. |
| 29 | +`SUPPRESS` regulations add a user to your suppression list by the `userId`. Segment blocks suppressed users across all sources; messages you send to Segment with a suppressed `userId` are blocked at the API. These messages do not appear in the debugger, are not saved in archives and systems, and are not sent to any downstream server-side destinations. Suppression does not affect device-mode destinations. |
30 | 30 |
|
31 | | -Usually, when a customer exercises their right to erasure, they also expect that you stop collecting data about them. Suppression regulations ensure that regardless of how you're sending data to Segment, if a user opts out, their wishes are respected on an ongoing basis and across applications. |
| 31 | +When a customer exercises the right to erasure, they expect that you stop collecting data about them. Suppression regulations ensure that regardless of how you're sending data to Segment, if a user opts out, Segment respects their wishes on an ongoing basis and across applications. |
32 | 32 |
|
33 | 33 | **Suppression is not a substitute for gathering affirmative, unambiguous consent about data collection and its uses.** |
34 | 34 |
|
35 | | -Segment offers suppression tools to help you manage the challenge of users opting-out across multiple channels and platforms. However, we encourage and expect that you design your systems and applications so you don't collect or forward data to Segment until you have unambiguous, specific, informed consent or have established another lawful legal basis to do so. |
| 35 | +Segment offers suppression tools to help you manage the challenge of users opting-out across different channels and platforms. Segment encourages and expects that you design your systems and applications so you don't collect or forward data to Segment until you have unambiguous, specific, informed consent or have established another lawful legal basis to do so. |
36 | 36 |
|
37 | 37 | To remove a user from the suppression list, create an `UNSUPPRESSION` regulation. |
38 | 38 |
|
39 | 39 | ## Deletion Support and the Right to Be Forgotten |
40 | 40 |
|
41 | 41 | When you create a `SUPPRESS_AND_DELETE` regulation, the user is actively suppressed, and Segment begins permanently deleting all data associated with this user from your workspace. This includes scanning and removing all messages related to that `userId` from all storage mediums that don't automatically expire data within 30 days, including archives, databases, and intermediary stores. |
42 | 42 |
|
43 | | -Messages with this `userId` are also deleted from your connected raw data Destinations, including Redshift, BigQuery, Postgres, Snowflake and Amazon S3. Warehouse deletions happen using a DML run against your cluster or instance, and we delete from S3 by "recopying" clean versions of any files in your bucket that included data about that `userId`. |
| 43 | +Segment deletes messages with this `userId` from connected raw data Destinations, including Redshift, BigQuery, Postgres, Snowflake, and Amazon S3. Warehouse deletions occur using a DML run against your cluster or instance, and Segment delete from S3 by "recopying" clean versions of any files in your bucket that included data about that `userId`. |
44 | 44 |
|
45 | | -Finally, we also forward these deletion requests to a growing list of supported partners. |
| 45 | +Segment forwards these deletion requests to a growing list of supported partners. |
46 | 46 |
|
47 | 47 | **Segment cannot guarantee that data is deleted from your Destinations.** |
48 | 48 |
|
49 | | -We forward deletion requests to supported streaming Destinations (such as Braze, Intercom, and Amplitude) but you should confirm individually with each partner that the request was fulfilled. |
| 49 | +Segment forwards deletion requests to supported streaming Destinations (such as Braze, Intercom, and Amplitude) but you should confirm that each partner fulfills the request. |
50 | 50 |
|
51 | 51 | You will also need to contact any unsupported Destinations separately to manage user data deletion. |
52 | 52 |
|
53 | 53 | Note that if you later **UNSUPPRESS** a user, the deletion functionality does not clean up data sent after removing the user from the suppression list. |
54 | 54 |
|
55 | | -## **UI Walkthrough** |
| 55 | +## Supressed users |
56 | 56 |
|
57 | | -## Suppressed Users |
| 57 | +The Suppressed Users tab shows an up-to-date list of **actively** suppressed `userId`s. Segment blocks data about these users across all sources. |
58 | 58 |
|
59 | | -The Suppressed Users tab shows an up-to-date list of **actively** suppressed `userId`s. Data about these users is blocked across all sources. |
| 59 | +### Suppress a new user |
60 | 60 |
|
61 | | -To create a suppression regulation and add a userId to this list, click **Add User**, and enter the `userId` in the field that appears. Then click **Request Suppression**. |
| 61 | +To create a suppression regulation and add a `userId` to this list, click **Suppress New User**, and enter the `userId` in the field that appears. Then click **Request Suppression**. |
62 | 62 |
|
63 | | - |
| 63 | +Segment creates a `SUPPRESS` regulation, and adds the `userId` to your suppression list within 24 hours. |
64 | 64 |
|
65 | | -A `SUPPRESS` regulation is created, and this userId is added to your suppression list within 24 hours. |
| 65 | +### Remove a user from the suppression list |
66 | 66 |
|
67 | 67 | To remove a user from the suppression list, click the ellipses (**...**) icon on the `userId` row, and click **Remove**. |
68 | 68 |
|
69 | | - |
70 | | - |
71 | | -This creates an `UNSUPPRESS` regulation, the `userId` is removed from your suppression list, and their data is no longer blocked within 24 hours. |
72 | | - |
73 | | -## Deletion Requests |
74 | | - |
75 | | -The deletion requests pane shows a log of all regulations with a deletion element along with their status, so that you can see the status of a deletion. |
| 69 | +This creates an `UNSUPPRESS` regulation, and removes the `userId` from your suppression list, within 24 hours. |
76 | 70 |
|
77 | | - |
| 71 | +## Deletion requests |
78 | 72 |
|
79 | | -You can click an individual deletion to view its status across Segment and your connected destinations. |
| 73 | +The deletion requests tab shows a log of all regulations with a deletion element along with status. |
80 | 74 |
|
81 | | - |
| 75 | +Click a deletion to view its status across Segment and your connected destinations. |
82 | 76 |
|
83 | | -> Note: Deletion requests submitted through the [Segment Batch API](https://reference.segmentapis.com/?version=latest#57a69434-76cc-43cc-a547-98c319182247) appear in this view. |
| 77 | +> info "" |
| 78 | +> Deletion requests submitted through the [Segment Batch API](https://reference.segmentapis.com/?version=latest#57a69434-76cc-43cc-a547-98c319182247){:target="_blank"} appear in this view. |
84 | 79 |
|
85 | 80 | ## Programmatic User Deletion and Suppression using the API |
86 | 81 |
|
87 | | -Use the [Segment Config APIs](https://reference.segmentapis.com/?version=latest#57a69434-76cc-43cc-a547-98c319182247) to interact with our User Deletion and Suppression system. |
| 82 | +Use the [Segment Config APIs](https://reference.segmentapis.com/?version=latest#57a69434-76cc-43cc-a547-98c319182247){:target="_blank"} to interact with the User Deletion and Suppression system. |
88 | 83 |
|
89 | 84 | ### Regulate User from a single Source in a Workspace |
90 | 85 |
|
91 | | -Refer to [Create Source Regulation](https://reference.segmentapis.com/?version=latest#32732f1a-572c-457b-9c38-77f3c7f77559) in the Config API. |
| 86 | +Refer to [Create Source Regulation](https://reference.segmentapis.com/?version=latest#32732f1a-572c-457b-9c38-77f3c7f77559){:target="_blank"} in the Config API. |
92 | 87 |
|
93 | 88 | ### Delete Object from a Cloud Source |
94 | 89 |
|
95 | | -Refer to the [Cloud Source Object Deletion](https://reference.segmentapis.com/?version=latest#1273ed6e-43e2-4cc2-a9bc-f0c7d2f153e8) Config API method. |
| 90 | +Refer to the [Cloud Source Object Deletion](https://reference.segmentapis.com/?version=latest#1273ed6e-43e2-4cc2-a9bc-f0c7d2f153e8){:target="_blank"} Config API method. |
96 | 91 |
|
97 | 92 | Cloud Sources sync objects to Segment. As a result, Cloud Sources are regulated based on an `objectId` instead of a `userId`. |
98 | 93 | Before you delete the object from Segment, you should delete it from the upstream system first. |
99 | 94 |
|
100 | 95 | ### List Suppressed Users for your Workspace |
101 | 96 |
|
102 | | -Refer to [List Suppressed Users](https://reference.segmentapis.com/?version=latest#2ad8f59e-2490-4a85-bc6d-d758a6a373ce) method in the Config API. |
| 97 | +Refer to [List Suppressed Users](https://reference.segmentapis.com/?version=latest#2ad8f59e-2490-4a85-bc6d-d758a6a373ce){:target="_blank"} method in the Config API. |
103 | 98 |
|
104 | 99 | ### List Deletion Requests for your Workspace |
105 | 100 |
|
106 | | -Refer to the [List Regulations](https://reference.segmentapis.com/?version=latest#e27e4dac-892d-431e-b4f8-cee0eca5b3d8) Config API method. |
| 101 | +Refer to the [List Regulations](https://reference.segmentapis.com/?version=latest#e27e4dac-892d-431e-b4f8-cee0eca5b3d8){:target="_blank"} Config API method. |
0 commit comments