API Documentation

Complete API reference for the GDPR-compliant company management system

Base URL

https://your-domain.com/api/v1

Authentication

All API requests require authentication using Bearer tokens.

Authorization: Bearer YOUR_API_TOKEN

Company Management

GET /companies

Retrieve a list of all companies

Response:

{
  "data": [
    {
      "id": 1,
      "name": "Example Corp",
      "type": "employer",
      "gdpr_compliant": true,
      "created_at": "2024-01-01T00:00:00Z"
    }
  ]
}

POST /companies

Create a new company

Request Body:

{
  "name": "New Company",
  "type": "employer",
  "gdpr_compliant": true,
  "data_retention_policy": "7 years"
}

GET /companies/{id}

Retrieve a specific company

GDPR Compliance

POST /gdpr/right-to-be-forgotten

Request data deletion for a data subject

Request Body:

{
  "data_subject_id": "user123",
  "reason": "User requested deletion",
  "company_id": 1
}

POST /gdpr/data-portability

Request data export for a data subject

Request Body:

{
  "data_subject_id": "user123",
  "format": "json",
  "company_id": 1
}

GET /gdpr/consent-records

Retrieve consent records for data subjects

GET /gdpr/processing-activities

Retrieve data processing activities register

Error Responses

400 Bad Request

Invalid request parameters

401 Unauthorized

Invalid or missing authentication

403 Forbidden

Insufficient permissions

404 Not Found

Resource not found

422 Unprocessable Entity

Validation errors

Rate Limiting

API requests are limited to 1000 requests per hour per API key.

Rate limit headers:

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1640995200
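
A client-side wrapper tying together the Authentication, Error Responses and Rate Limiting sections above, as an added example that is not code from the official SDKs. The helper names are hypothetical, and it assumes X-RateLimit-Reset is a Unix timestamp in seconds, which this page does not state.

```javascript
// Added example: not part of the official SDKs. All helper names are hypothetical.
const BASE_URL = "https://your-domain.com/api/v1"; // placeholder base URL from this page

// Build a request, refusing to attach the Bearer token to anything outside BASE_URL.
function buildRequest(token, method, path, body) {
  if (typeof token !== "string" || token.trim() === "") throw new Error("missing API token");
  const base = new URL(BASE_URL);
  const url = new URL(BASE_URL + path); // the URL parser resolves "../" segments
  if (url.protocol !== "https:" || url.origin !== base.origin ||
      !url.pathname.startsWith(base.pathname + "/")) {
    throw new Error("refusing to send token to " + url.href);
  }
  const headers = { Authorization: "Bearer " + token, Accept: "application/json" };
  const init = { method, headers };
  if (body !== undefined) {
    headers["Content-Type"] = "application/json";
    init.body = JSON.stringify(body);
  }
  return { url: url.href, init };
}

// Milliseconds to wait before the next call, from the documented rate-limit headers.
// Assumption: X-RateLimit-Reset is a Unix timestamp in seconds.
function waitMsFromHeaders(getHeader, nowMs) {
  const remaining = Number.parseInt(getHeader("X-RateLimit-Remaining"), 10);
  const reset = Number.parseInt(getHeader("X-RateLimit-Reset"), 10);
  if (Number.isNaN(remaining) || Number.isNaN(reset) || remaining > 0) return 0;
  return Math.max(0, reset * 1000 - nowMs);
}

// Map the documented statuses to a caller action; none of the errors is blindly retried.
function actionForStatus(status) {
  if (status >= 200 && status < 300) return "ok";
  switch (status) {
    case 400: case 422: return "fix-request";
    case 401: return "reauthenticate";
    case 403: return "check-permissions";
    case 404: return "not-found";
    default: return "unexpected";
  }
}

// One call: the caller sleeps for waitMs before issuing the next request.
async function callApi(token, method, path, body, fetchImpl = fetch) {
  const { url, init } = buildRequest(token, method, path, body);
  const res = await fetchImpl(url, init);
  const waitMs = waitMsFromHeaders((name) => res.headers.get(name), Date.now());
  const action = actionForStatus(res.status);
  return { action, waitMs, data: action === "ok" ? await res.json() : null };
}
```

Load the token from a secret store or environment variable rather than source code, and pass a stub as `fetchImpl` to exercise `callApi` offline.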

SDKs and Libraries

PHP

Official PHP SDK

composer require privacycall/php-sdk

JavaScript

Official JavaScript SDK

npm install @privacycall/js-sdk