GDPR Deletion Requests

The EU’s General Data Protection Regulation (GDPR) is a set of laws aimed at enhancing the protection of EU citizens’ personal data. GDPR applies not only to EU-based businesses, but also to any business that controls or processes data of EU citizens.

If your platform processes or controls personal data of EU citizens, those users have the right to request that you delete all of their personal data. If your organization receives a request for data deletion, you may forward it to Cove to ensure that all of the data we may have stored related to that user is also deleted from Cove's platform.


To utilize our GDPR Deletion Request API, all you need to do is send us the IDs of any users whose data should be deleted. To utilize this feature, make a POST request to You'll have to authenticate the request and add the relevant parameters to the body of the request, as shown in our code examples below.

REST API Examples

Below are some code snippets that you can paste directly into your code. You'll notice we're authenticating the request using your organization's API key in the HTTP headers.

const body = {
  userIds: [
      id: "user001", // your unique ID for this item
      typeId: "def456", // the ID of the user's "User Type" (in Cove's system)
      id: "user002",
      typeId: "def456"

const response = await fetch(
    method: 'post',
    body: JSON.stringify(body),
    headers: {
      "x-api-key": "<<apiKey>>",
      "Content-Type": "application/json"
import requests

headers = {
  'x-api-key': '<<apiKey>>',
  'Content-Type': 'application/json'
data = {
  'items': [
      'id': 'user001', # your unique ID for this item
      'typeId': 'def456', # the ID of the item's "Item Type" (in Cove's system)
    ... # other items
response =
response_dict = response.json()

$client = new \GuzzleHttp\Client();

$headers = [
  'x-api-key' => '<<apiKey>>',
  'Content-Type' => 'application/json'

$body = [
  'items' => [
    'id' => 'user001', // your unique ID for this item
    'typeId' => 'def456', // the ID of the item's "Item Type" (in Cove's system)

$response = $client->request('POST', '', [
  'headers' => $headers,
  'json' => $body,

echo $response->getBody();
curl --request POST \
    --url \
    --header 'x-api-key: <<apiKey>>' \
    --header 'Content-Type: application/json' \
    --data '{
        "items": [
                "id": "user001",
                "typeId": "def456"

These are the fields that we expect in the body of the request:

userIdsArray<ItemIdentifier>RequiredThe set of user identifiers that you are requesting Cove to delete.

ItemIdentifier schema:

idStringRequiredYour unique identifier for the user whose data should be deleted
typeIdStringRequiredThe ID of the Item Type that corresponds to the user being reported. This should exactly match the ID of one of the User Item Types that you defined in the Item Types Dashboard.