In the context of the European Global Data Protection Regulation (GDPR), an important set of functions provided by the Qualtrics API are the data privacy functions, which allow the following actions:

  1. Create an erasure request
  2. List your erasure requests
  3. Retrieve a given erasure request

To use this call you must be a Qualtrics brand administrator.

Create an erasure request

The function create_eraser_request takes a list of emails and searches for all entities within Qualtrics that match any of the supplied emails. The entities include:

  • Users
  • MailingList & XM Directory contacts
  • People

For the found entities, the service will erase any responses that have been been submitted, along with any tickets that may have originated from their responses.

The call is implemented with the parameter searh_only = TRUE to perform a dry run before deciding to erase the information associated to the email with searh_only = FALSE.

# Create a dry run erasure request
create_erasure_request(list("john.doe@alabama.com", "maria.doe@alabama.com"))
# Create a erasure request
create_erasure_request(list("john.doe@alabama.com"), FALSE)

List and retrieve erasure requests

You can list all erasure requests performed by the brand:

list_erasing_requests()

This allows you to use the id of a given erasure request to retrieve to inspect the request:

get_erasing_request("OP-a2c24e5e-d4b1-4bd8-a9e8-9a1c8520c8d2")

Note that a given erasure request can only be retrieve once that request has been fully processed by Qualtrics. This means that until the status available from the list_erasing_requests appears as Completed, the get_erasing_request will return an error.