Data Privacy on API

Data posted to REST API

Any new data created or modified by the user on REST API is only visible to that particular user. Since token is only the key to identify the user, user should pass the token for GET requests also (otherwise user won't be able to view the data that he created or modified). This is done to protect the user privacy in case if user has posted any personal information. Everyday all existing data is deleted and created again with fake values.

API Logs

API logs created to trouble shoot in case of any issues. User can delete them at any time, if not deleted by user those will be deleted by system after 7 days

User Account Deletion

User has option to delete his own account with all data, in this case account will be scheduled for deletion in 24 hours. The following actions are performed during deletion.

  • Access token are deleted.
  • Any answers posted by the user in Help section are deleted.
  • Any questions posted by the user in Help section are deleted.
  • Any user created/modified data on the API end points users, posts, comments and todos are deleted.
  • API access logs are deleted.
  • Application will send a confirmation email to user
  • User account is deleted.

Little markdown supported