Talkable's full-stack anonymization system handles CCPA, GDPR, and Facebook data deletion requests, automatically erasing personal data while keeping aggregate analytics intact.
When a customer requests deletion of their personal data, Talkable's anonymization engine processes the request across every data type it holds, replacing all identifying fields with opaque placeholders while keeping aggregate records intact.
The process is idempotent. Before processing, the system checks for an existing @anonymized.email address and skips if already done.
California Consumer Privacy Act requires honoring deletion requests within 45 days. Talkable handles the full lifecycle automatically.
Right to erasure under GDPR. Clients in EU markets can route deletion requests through the API or Customer Service Portal.
When a Facebook user disconnects your app, Facebook sends a signed deletion webhook. Talkable processes it automatically.
Every data type Talkable holds is processed through the same engine. Here's what changes, and what stays.
Before processing, the engine checks whether the email already ends in @anonymized.email. If so, it exits cleanly without re-processing. This means running the same deletion request twice produces no side effects.
Every path routes into the same anonymization engine. The outcome is identical regardless of how the request arrives.
Customers fill out the public form at talkable.com/data_removals/new. The same form can be embedded as an iframe on a client's own privacy page.
User fills form, receives confirmation email, clicks to confirm, async anonymization runs, completion email sent.
Client support staff can trigger anonymization directly from within the Talkable admin. Navigate to Admin, then Customer Service, look up the person, and select Anonymize.
Client is notified when a CSP-triggered anonymization completes, creating an audit trail on their end.
Clients with their own CCPA or GDPR request handling can call the anonymization endpoint programmatically, integrating it into their existing deletion workflows.
No email confirmation step. The API call triggers the anonymization engine directly. Responds with the updated person record.
When a Facebook user removes your app from their account, Facebook sends a signed deletion request. Talkable handles this automatically at the platform level.
Signed with HMAC-SHA256 for verification. Automatic processing, no manual action required from client or Talkable team.
From form submission to final confirmation, the process runs asynchronously with email checkpoints at each key stage.
Submits email at talkable.com/data_removals/new. System checks whether account exists.
If account found, a confirmation email goes to the address. Status moves to waiting_confirmation.
Customer clicks the confirmation link in the email. Status updates to confirmed and async processing begins.
Engine processes all data types asynchronously. Fails are retryable; successful runs are permanent.
Customer receives final confirmation. Record is now fully anonymized and untraceable.
Clients don't need to build deletion infrastructure. Talkable handles CCPA, GDPR, and Facebook requirements natively.
Aggregate metrics, referral counts, and revenue attribution remain accurate. Only the personally identifiable fields are erased.
Merchant notification on CSP-triggered anonymizations creates a documented record for regulatory audit purposes.