Skip to main content

Anonymize client

POST 
/clients/{clientId}/action

In the context of the GDPR, we wanted to provide an option to easily anonymize a client's identifiable data upon request, as an exited client must now have the 'Right to be forgotten'. To learn more about the legal aspects of this, please see Art. 17 GDPR.

This gives clients in the exited state, the right to request that all identifiable records are removed (or, more precisely, anonymized up to the point where the client is no longer traceable, but the information that the company needs to keep its systems stable can be kept within some legal standards).

Please be aware This action may only be performed on clients in the exited state. Otherwise, Mambu will return error 3760 "CLIENT_DOES_NOT_HAVE_EXITED_STATE"

A user has the permission to run the above call only via API 1.0 only if he has the 'Anonymize Client Data' permission, which can be granted by an Administrator (in User Permissions > Clients), only to users that have API access.

Please note After the anonymization call is run, a new client ID will be generated and the old client ID will be overwritten. As a consequence, calling the API twice with the same client ID will result in the second call returning a Resource Not Found (INVALID_CLIENT_ID) error.

note

The same anonymization is performed when production environments are cloned to sandbox. For more information on creating sandbox environments with anonymized data, please refer to the sandbox article in our user guide.

Affected areas

Initially the client is unsubscribed from notifications (client notification requests are deleted). Afterwards the following data is affected:

Client fields:

  • Obfuscated:
    • first name
    • last name
  • Deleted:
    • middle name, gender, notes, email address, birth date, home phone, mobile phones, address, assigned branch key, assigned centre key, assigned credit officer key.
    • client Identification documents (also corresponding attachments from remote file storage)
    • client profile picture and signature picture (from images table)
    • client attachments (from remote file storage and documents table)
    • client custom field values
    • portal preferences
    • client comments
    • client activities (activities, sub-activities and field change items)

Client loan accounts:

  • Obfuscated:

    • loan name

  • Deleted:

    • notes
    • custom field values for client loan accounts
    • attachments for client loan accounts (from remote file storage and documents table)
    • Client loan accounts transactions

  • Deleted:

    • transaction comments
    • transactions custom field values

Client loan accounts guarantees:

  • Obfuscated:
    • asset name
  • Deleted:
    • guarantees custom field values

Client loan repayments:

  • Deleted:
    • repayments notes
    • comments for client loan accounts
    • client loan accounts activities (activities, sub-activities and field change items)

Client deposit accounts:

  • Obfuscated:
    • account name
  • Deleted:
    • notes
    • custom field values for client savings accounts
    • attachments for client savings accounts (from remote file storage and documents table)

Client savings accounts transactions:

  • Deleted:
    • transaction comments
    • transactions custom field values
    • comments for client savings accounts
    • client savings accounts activities (activities, sub-activities and field change items)

Client lines of credit:

  • Deleted:
    • notes
    • custom field values for client lines of credit
    • attachments for client lines of credit (from remote file storage and documents table)
    • lines of credit activities (activities, sub-activities and field change items)

Client guarantees (guarantees in which the client is guarantor):

  • Obfuscated:
    • asset name
  • Deleted:
    • guarantees custom field values

Notification messages associated with a client:

  • Deleted:
    • notification messages associated with the client
    • notification messages associated with client loan accounts
    • notification messages associated with client savings accounts
    • Client tasks
  • Deleted:
    • tasks associated with the client

Payment details:

  • Obfuscated:
    • debtor name
    • debtor account IBAN
    • creditor name
    • creditor account IBAN

Client ID

A new client ID will be generated and the old client ID will be overwritten (as a consequence, calling the API twice with the same client ID will result in the second call returning Resource Not Found (INVALID_CLIENT_ID error).

Request

Responses

ok