Data Privacy API V2 Overview

This API is used for managing data privacy-related requests. It is organized around REST. The API endpoints were designed to be predictable and resource-oriented and use HTTP response codes to indicate API errors. This means a single resource or endpoint can and often does provide different functionality based on the HTTP verb used to access it. JSON must be used to send data to the API (except for GET and DELETE requests, which also accept URI parameters). JSON is returned in all responses from the API if there is content in the response.

This API currently only supports requesting a data privacy-compliant deletion for the person record corresponding to an email address, phone number, or person identifier. For more information on the deletion process, please refer to the data privacy compliance guide. You can view the list of all person records that have been deleted from your account in a data privacy-compliant manner on the Deleted Profiles page.

Libraries

We are working on adding the Data Privacy API V2 to our existing libraries. If you want to be notified when those libraries have been updated you can watch the following repositories:

Python (https://github.com/klaviyo/python-klaviyo)
Ruby (https://github.com/klaviyo/ruby-klaviyo)
PHP (https://github.com/klaviyo/php-klaviyo)
Node.js (https://github.com/klaviyo/node-klaviyo)

API Endpoint

https://a.klaviyo.com

Summary of Resource URL Patterns

  • POST /api/v2/data-privacy/deletion-request

Authentication

Klaviyo's API is served over HTTPS and all requests must be authenticated. You authenticate to the Data Privacy API V2 by providing one of your private API keys as part of each request. You can manage your private API keys from your account.

Your Private API key

To view your API key, you need to log in.

Rate Limiting

All of these endpoints are rate limited. You should be sure to check the response codes and retry requests that exceed the rate limit at a later time. A rate limited response will include a timestamp corresponding to when the endpoint will become available again.

Deletion Requests

Request a Deletion

Request a data privacy-compliant deletion for the person record corresponding to an email address, phone number, or person identifier. If multiple person records exist for the provided identifier, only one of them will be deleted.

Arguments

The arguments should be sent as content type application/json. The API key can also be specified in the request header with the key api-key.

Note that only one identifier (email, phone_number, or person_id) can be specified.

api_key
string
The private API key for your account.
email
string
The email address corresponding to a person record to delete.
phone_number
string
The phone number corresponding to a person record to delete.
person_id
string
The person identifier corresponding to a person record to delete.
Response

Successful requests will return with HTTP OK responses. Invalid requests will be accompanied by an error message.

POST https://a.klaviyo.com/api/v2/data-privacy/deletion-request { "api_key": "PRIVATE_API_KEY", "email": "example@gmail.com", } { "api_key": "PRIVATE_API_KEY", "phone_number": "1-234-567-8910", } { "api_key": "PRIVATE_API_KEY", "person_id": "abc123", }