The General Data Protection Regulation (GDPR) has been adopted by the European Union (“EU”). It establishes a stronger data protection regulatory framework for processing of personal data of individuals, and impacts contracts, policies, and procedures when handling personal data.

Blueshift offers various features to help you comply with GDPR Right of Access or Right to Erasure requests from your customers.

Export Customer Data

You can use the segment export functionality in Blueshift to download customer data in CSV format. Under the GDPR, EU residents have a right to access their personal data and are entitled to obtain their personal data in a commonly used format, such as a CSV file.

You can also use the Search customer or Get customer APIs to get the information about a particular customer and then convert it into a CSV file.

Update (Rectify) End-Customer Data

You can use the following ways to rectify customer data:

User API: 
You can use the create/update endpoint to update or set user attributes to null.  To set a user attribute to null, set the value to null in the API call.

CSV upload: 
You can also rectify the data using the user upload functionality. To set a user attribute as null, leave the value as blank in your csv file.

Deletion and automatic suppression

You can use the delete customer endpoint for deleting customer data and for automatic suppression. Issuing this call for a customer ensures that all personal data related to the customer is deleted from the index of customer data that Blueshift maintains for you. Any future data related to the customer will also be suppressed. As a result, the data will not make its way to any marketing action in Blueshift.  


In addition to deleting a customer, Blueshift also allows you to forget a customer by using the forget customer endpoint. For more information, see Remove a customer profile.

Opting out of Email tracking

The e-privacy Directive (EU Directive 2002/58/EC) complements the GDPR and sets out more specific privacy rights on electronic communications.

The e-privacy Directive dictates that we must ensure that we do not track ( opens, clicks, of) emails sent to customers who have not consented to receive marketing emails.

For more information on how Blueshift helps you to comply with the e-privacy Directive, see Link tracking and opting out.

Additional Information

Was this article helpful?
1 out of 1 found this helpful



Please sign in to leave a comment.