API Documentation: Privacy Compliance Endpoints

Base URL

https://api.graze.social/app/api/v1/privacy-compliance

POST /request-removal

Submit a data removal request for a user account associated with the provided email address.

Request

URL: POST https://api.graze.social/app/api/v1/privacy-compliance/request-removal

Headers:

• Content-Type: application/json

Request Body:

{

"email": "string"}

Parameters:

FieldTypeRequiredDescriptionemailstringYesThe email address associated with the account to be removed

Response

Success Response (200 OK):

{

"filed": true}

Response Fields:

FieldTypeDescriptionfiledbooleanAlways true when the request is successfully filed

Behavior

1. The endpoint searches for user accounts associated with the provided email in both PatreonUser and Account tables
2. Creates a new DataRemovalRequest record with:
   • The provided email address
   • Associated patreon_user_id (if found)
   • Associated account_id (if found)
3. If no associated accounts are found (neither Patreon nor regular account), the request is automatically marked as complied by setting complied_at to the current UTC timestamp
4. The request is saved to the database and committed

Example Request

curl -X POST "https://api.graze.social/app/api/v1/privacy-compliance/request-removal" \

-H "Content-Type: application/json" \ -d '{"email": "user@example.com"}'

Example Response

{

"filed": true}

Notes

• Requests for email addresses not associated with any account are automatically marked as complied
• The endpoint always returns a successful response if the request is properly formatted
• Multiple removal requests can be filed for the same email address
• The actual data removal process may be handled asynchronously after the request is filed

POST /request-stats

Retrieve statistics about data removal requests.

Request

URL: POST https://api.graze.social/app/api/v1/privacy-compliance/request-stats

Query Parameters:

ParameterTypeDefaultDescriptioninclude_deletedbooleanfalseInclude deleted requests in the statistics calculations

Response

Success Response (200 OK):

{

"total_requests": 150, "complied_requests": 120, "denied_requests": 5, "median_response_days": 3.0, "mean_response_days": 4.2, "include_deleted": false}

Response Fields:

FieldTypeDescriptiontotal_requestsintegerTotal number of data removal requestscomplied_requestsintegerNumber of requests that have been complied withdenied_requestsintegerNumber of requests that have been deniedmedian_response_daysfloatMedian number of days to comply with requestsmean_response_daysfloatAverage number of days to comply with requestsinclude_deletedbooleanWhether deleted requests were included in the calculations

Behavior

• Filters out deleted requests by default (unless include_deleted=true)
• Calculates response time only for complied requests
• Response time is calculated as the number of days between created_at and complied_at
• Handles timezone conversion to UTC for proper date calculations

Example Request

curl -X POST "https://api.graze.social/app/api/v1/privacy-compliance/request-stats?include_deleted=false"

Example Response

{

"total_requests": 250, "complied_requests": 230, "denied_requests": 10, "median_response_days": 2.0, "mean_response_days": 3.5, "include_deleted": false}

Notes

• Response time statistics (median_response_days and mean_response_days) are only calculated for complied requests
• If no complied requests exist or no response times are available, both median and mean will be 0
• The statistics provide insight into GDPR/privacy compliance performance