List the data processed by the organisation

GET /data

In order to be able to select for which data types a request must be made, the organisation must publicise which data it processes of its users. This endpoints returns a structured, machine-readable, human-friendly list that gives a complete overview of the data processing that the legal entity creating this API is responsible for.

Query parameters

  • lang string

    A ISO 639-1 language code identifier. Must match the supportedLanguages in the /settings endpoint. Defaults to en

    Default value is en.

Responses

  • 200

    OK

    Hide response attributes Show response attributes array[object]
    • type string Required
    • description string

      A human-readable description of the type of data that is processed

    • context string(url) Required

      The schema.org URL for the data type. If the data does not match schema.org, organisations may create their own schemas. This property matches the @context property that is described by JSON-LD.

    • processingGround string Required

      The organisation must indicate on which ground the lawfulness of their processing is based. These lawful grounds are limited by Article 6 of the General Data Protection Regulation. The values that are considered valid in this property correspond to those in subparagraph 1 of Article 6:

      • a) consent: the subject has given consent for the processing of this data
      • b) performanceOfContract: processing is necessary for performance of a legal contract
      • c) legalObligation: processing is necessary for compliance with a legal obligation
      • d) vitalInterest: processing is necessary to protect the vital interest of someone
      • e) taskInPublicInterest: processing is necessary to for a task carried out in the public interest
      • f) legitimateInterest: processing is necessary for the legitimate interest of the processor

      Values are consent, performanceOfContract, legalObligation, vitalInterest, taskInPublicInterest, or legitimateInterest.

    • isErasable boolean Required

      Owners of data of this type may request the data to be deleted. The circumstances under which data must be deletable are covered by Article 17 of the General Data Proctection Regulation. In practice, consider that any data must be deletable, unless:

      • The data is covered by a legal obligation
      • The data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority
      • The data is necessary for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing
      • for the establishment, exercise or defence of legal claims

      Additionally, specific data may be exempt from the right to erasure:

      • if the processing is necessary for public health purposes in the public interest (eg protecting against serious cross-border threats to health, or ensuring high standards of quality and safety of health care and of medicinal products or medical devices); orif the processing is necessary for the purposes of preventative or occupational medicine; for the working capacity of an employee; for medical diagnosis
      • for the provision of health or social care; or for the management of health or social care systems or services.
    • isRectifiable boolean Required

      Owners of data of this type may request it to be changed. The circumstances for the applicability of this right are set out in Article 16 of the General Data Protection Regulation. In general, this right applies to data that is inaccurate or incomplete. If none of these grounds apply, you may refuse honor rectification requests.
  • 400

    Bad Request

    Hide response attributes Show response attributes object
    • error string

      Value is LanguageNotSupported.

    • message string

      Value is The language you are requesting is not supported by this organisation.
GET /data 
curl \
 -X GET http://api.example.com/data
Response examples (200) 
[
  {
    "type": "LikeAction",
    "description": "The act of expressing a positive sentiment about the object. An agent likes an object (a proposition, topic or theme) with participants.",
    "context": "http://schema.org/LikeAction",
    "processingGround": "consent",
    "isErasable": true,
    "isRectifiable": true
  }
]
Response examples (200) 
[
  {
    "type": "LikeAction",
    "description": "The act of expressing a positive sentiment about the object. An agent likes an object (a proposition, topic or theme) with participants.",
    "context": "http://schema.org/LikeAction",
    "processingGround": "consent",
    "isErasable": true,
    "isRectifiable": true
  }
]
Response examples (400) 
{
  "error": "LanguageNotSupported",
  "message": "The language you are requesting is not supported by this organisation"
}
Response examples (400) 
{
  "error": "LanguageNotSupported",
  "message": "The language you are requesting is not supported by this organisation"
}