PII deletion
This section provides you with information on how to enable PII deletion and about the PII data deletion workflow.
Introduction
The Personally Identifiable Information (PII) data deletion feature allows customers to delete their personal data from the customer data platform. This gives customers greater control over their privacy and helps protect their data from unauthorised access.
Prerequisites
- Enable customer status. See Enable customer status.
- Make sure that a label is created for each customer status. For more information on customer status labels, see Create customer status label.
For Pending Deletion, the platform creates a deletion_pending status automatically and assigns it whenever a deletion request is raised. The platform does not use any label that you created against the Pending Deletion status.
- Configure PII deletion. See Configuring PII deletion.
- If required, select and mark the required extended field, custom field and payment mode attributes as PII data. See Classifying custom field, extended field and payment attribute as PII data.
Data deletion workflow
Raising deletion request
A PII deletion request can be raised from Member Care. Refer to the documentation on user deletion from Member Care.
For more information on the PII deletion APIs, see Add deletion request API documentation.
Configuring PII deletion
To enable and configure PII deletion:
- From Organisation settings, navigate to Organization Setup -> PII Configurations.
- To enable the PII deletion, select the CONF_ENABLE_PII_DELETION check box.
- To set the number of days after which the data is deleted (deletion waiting period), enter the number in the CONF_PII_DATA_DELETE_AFTER_DAYS field. You can enter any value from 0 to 90.
If the waiting period is set to 0 days, the system deletes the data on the same day that the request is raised and, where an approval workflow is involved, approved. For example, if a customer raises a deletion request at 1400 hrs, the system processes the deletion at midnight on the same day, depending on the time zone of the cluster the org belongs to on the Capillary platform.
- Click Submit.
For information about the data deleted and retained, see Understanding what data is deleted and retained.
To classify custom fields, extended fields, and payment attributes as PII data, see Classifying custom fields, extended fields and payment attributes as PII data.
Understanding what data is deleted and retained
Deleted data | Retained data |
---|---|
First name and last name | User ID |
Identifiers such as mobile, e-mail and external id | Transactions (but transaction custom/extended fields can be configured to be deleted). See Classifying custom field, extended field and payment attribute data as PII data. |
Customer custom and extended fields. This is configurable. See Classifying custom field, extended field and payment attribute data as PII data. | Communications data |
Payment mode attributes against a transaction | Payment mode (Card, UPI, BNPL) details used for the transaction. But the attributes can be deleted. See Configuring data that need not be deleted. |
V1 and V2 profile identifiers | PII data in the promo engine or on the OTA (Over The Air) side |
V1 and V2 profile comm channels | Coupons/promotions/gift vouchers |
Identifiers/login details in the auth engine | Behavioural events |
Card custom fields and card extended fields. See Configuring data that need not be deleted. | Points data (will still be attributed to User ID) |
Search database (solr/ES) | Supplementary and coalition memberships |
Identifier change logs | Targets and Member care profiles - If you have the profile URL, you can access the profile; however, the page displays a message indicating that the customer has been deleted. |
Identifiers that are kept in the change requests log are set to null | User group dependencies and associations. Deleted customers remain part of groups/companies unless explicitly removed from groups (User ID remains) |
Customer data audit logs | PII captured in leads data |
- | Any other details not mentioned under Deleted data. |
Classifying custom field, extended field and payment attribute data as PII data
By default, when you enable the PII deletion configuration, the mobile, e-mail and external IDs from the customer entity data are deleted. For custom fields, extended fields and payment attributes, you have the option to include them as part of the PII data.
Custom field and Extended fields
If you want to include custom fields and extended fields as part of PII data, perform the following:
- From the Organisation settings, navigate to Master Data Management > Data Model > Custom fields/Extended fields.
- Select the desired custom field/extended field that needs to be part of PII data.
- Click Edit.
- Select the Is this pii data/Is it PII data check box.
- Click Submit.
Payment attributes
If you want to include payment attributes as part of the PII data, perform the following:
- From the Organisation settings, navigate to Organisation set up > Payment modes > Tenders.
- Select the desired tender and click the edit icon.
- Select the desired attribute that needs to be part of the PII data and click the edit icon.
- Click the attributes value icon.
- From the Selection drop-down, select the desired unit.
- Select the Is PII Data check box.
- Click Save.
Submitting and approving requests through Membercare
For information on submitting and approving member account deletion requests from Membercare, refer to Request management documentation.
Deletion request status
Action | Request status | Customer status and status label |
---|---|---|
Capillary receives a deletion request | PENDING | No change to the customer status |
The brand rejects the deletion request | REJECTED | No change to the customer status |
Capillary receives a deletion request | APPROVED | Pending Deletion: Deletion_pending |
The customer cancels the deletion request | CANCELED | Previous customer status |
Capillary deletes the customer PII after the waiting period. | DELETED | DELETED: Deleted |
FAQs
- Can we raise bulk PII data deletion requests?
For bulk PII deletion, use Connect+. See PII data flow.
- Is the PII deletion request approved by default?
This depends on the query parameter. PII deletions need to be approved.
- Are custom fields and extended fields part of PII data?
No. But, you can mark the desired custom fields and extended fields as PII data.
- Will PII details in the Auth engine be deleted for the users who raised the request?
Yes. After the PII deletion waiting period lapses.
- Will event data (behavioural events, transaction events, etc.) be deleted?
No. Data attributed to the user id is not deleted as the user id is not categorized as PII data.
- What happens if the waiting period is set as 0 days?
If the waiting period is set to 0 days, the system deletes the data on the same day.
- My brand's transaction custom fields/extended fields also have PII data. Can those be marked for deletion?
Yes. You can mark those data as PII data. See Custom field and extended field PII data.
- Can I view a deleted customer's events on Member Care?
Yes.
- Will the profile be visible if I go to the profile using user_id in the Member Care URL?
No.
- Are payment mode attributes deleted by default?
No. But you can configure payment attributes as PII data. See payment attributes.
- My brand's payment mode attributes have sensitive PII data. Can I delete that?
You can configure payment attributes as PII data. See payment attributes.
- I want to delete event data (transactions, behavioural events and so on) of customers. Is this possible?
No.
- Will communications sent to a customer be deleted?
No.
- What happens to active coupons that are not redeemed?
You cannot redeem the active coupons associated with the deleted customer ID.
- Will OTP messages get sent to customers?
After the PII deletion, the customer will not get any message.
- How can a customer track the status of a deletion request?
Brands can use the GET APIs and the event notifications to update the status of the customers.
- Is there a UI to view all deletion requests raised in an org?
Yes.
- How can a CSR raise a deletion request?
CSR can raise deletion requests through member care.
- Can any CSR raise a deletion request?
This depends on access rights. If you have access, you can raise deletion requests on behalf of a customer.
Updated 6 months ago