GDPR and the Xero Contact API

Adam Moore
Published in Xero Developer
2 min read · Jun 12, 2018


Now that GDPR is in effect, we’ve introduced a new possible ContactStatus value: GDPRREQUEST. A contact is given this status when they have asked the subscriber of the Xero organisation to delete all personal data stored about them. This is the right to erasure that the GDPR grants to people in the EU, and we’ve made it available to Xero subscribers globally.

The new status behaves much like the existing “ARCHIVED” status. The differences are that a GDPRREQUEST contact can never be unarchived, and that as much of its Personally Identifiable Information (PII) as possible is redacted.

Contacts with a “GDPRREQUEST” status:

  • Can’t be edited
  • Can’t be re-activated
  • Can’t be used on any new transactions in Xero (invoices, bills, purchase orders etc)
  • Will have PII redacted where possible. Some PII may have to be retained for legal reasons (e.g. tax records).

An app cannot change a contact’s status from “ACTIVE” to “GDPRREQUEST” via the API. Only Xero can do this, at the request of the organisation’s subscriber.

How this might affect your integration

Syncing contacts

By default, the contacts endpoint returns only contacts with an ACTIVE status, so if that is how you retrieve contacts your integration won’t be affected. If you retrieve contacts with the ?includeArchived=true parameter you will now also receive contacts with the GDPRREQUEST status, and you may need to update your integration to handle it.

Retrieving contacts used on transactions

If your integration retrieves transactions (e.g. invoices) and saves the full contact details from them, check that it handles contacts with the new status rather than keeping its own copy of PII that Xero has redacted.

Creating transactions

If your app creates transactions (e.g. invoices), check that its eligibility logic tests for ContactStatus = ACTIVE rather than ContactStatus <> ARCHIVED; the second test lets GDPRREQUEST contacts through. If you try to create a transaction for a contact with a GDPRREQUEST status you will get a 400 Bad Request.
