GDPR Compliance
In the light of GDPR obligations to honour customers’ “Right to be forgotten” request, Zalando is of the legal requirement to notify all recipients to whom personal data have been disclosed about our customer’s deletion requests in a secure manner.
We are being GDPR compliant and making it easy for your company too. As part of GDPR article 17, right to be forgotten, a user can ask for their data to be removed from anywhere and this has to be honoured within a stipulated time. So, from Zalando's perspective, in addition to removing the personal information from our side, we have to inform you, our co processors of data regarding those customers for deletion as well. In order to be GDPR complaint, you'd have to remove all the data related to these customers in your systems as well.
Additional Resources
- You can check out our orders-deletion-requests endpoint which exposes the orders data for customers who have requested for data deletion and ordered from you in past.