# GDPR configuration As mentioned in the [GDPR section of the Helpful information article](/documentation/about-fulfillmenttools/helpful-information.md#general-data-protection-regulation-gdpr), fulfillmenttools is GDPR-compliant. All customer-related data that was needed for the fulfillment process (like names, addresses, and contact details) is anonymized once all evolved entities are operationally in a final state. The exact date for anonymization is configurable via API. ## Change GDPR configuration {% hint style="info" %} ## Prerequisites * Have an Administrator role {% endhint %} The values of the GDPR configuration are: * `retentionTime` defines how many days after creation, operationally finished processes are anonymized. Default value: 30 days after the process is operationally finished. * `deletionTimeAfterRetention` defines when anonymized entities are deleted. Default value: 180 days. {% hint style="success" %} This deletion functionality only deletes operational data. The anonymized data is still stored for analytics. {% endhint %} To check the current configuration, use the below endpoint: {% tabs %} {% tab title="GET endpoint" %} ```http GET https://{YOUR_TENANT_NAME}.api.fulfillmenttools.com/api/configurations/gdpr ``` {% endtab %} {% tab title="Response body" %} Below is the default values for all customers: ```json { "retentionTime": 30, "deletionTimeAfterRetention": 180, "version": 0, "id": "gdpr", "actorAnonymization": true } ``` `actorAnonymization: true` means `username` and `userId` are stored anonymized in the audit entry. If set to `false`, the data is written without anonymization. {% endtab %} {% endtabs %} To change the default values, use the below endpoint: {% tabs %} {% tab title="PUT endpoint" %} ```http PUT https://{YOUR_TENANT_NAME}.api.fulfillmenttools.com/api/configurations/gdpr ``` {% endtab %} {% tab title="Request body" %} ```json { "retentionTime": 15, "deletionTimeAfterRetention": 5, "actorAnonymization": true, "version": 1 } ``` {% hint style="info" %} Remember to increase the version number from the original number in the `GET` response. {% endhint %} {% endtab %} {% tab title="Response body" %} ```json { "id": "gdpr", "version": 2, "actorAnonymization": true, "created": "2025-12-30T13:01:39.055Z", "deletionTimeAfterRetention": 5, "lastModified": "2025-12-30T13:01:39.055Z", "retentionTime": 15 } ``` {% endtab %} {% endtabs %} In the above example, we've set a `retentionTime` of `15` days and a `deletionTimeAfterRetention` of `5` days. If an order is created on `2026-01-01`, the platform calculates: * Anonymization date: `2026-01-15` * Deletion date: `2026-01-20` {% hint style="info" %} Changes to `actorAnonymization` might take up to an hour to take effect. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.fulfillmenttools.com/documentation/by-pillar/order-management/gdpr-configuration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.