Zumik
v2 · Native state

Data rights

Export everything Zumik retains for a project, or request erasure. GDPR and CCPA data-subject rights, scoped strictly to the caller's project.

Two data-subject flows, both scoped strictly to the caller's project. A data export assembles a machine-readable bundle of everything Zumik retains (right to access and portability). A deletion request erases the project's retained data, bumps the namespace generation so stale cache entries cannot be resurrected, and issues a signed receipt (right to erasure). Export ids are prefixed exp_; deletion requests del_. See GDPR and CCPA.

Billing records required for tax compliance are kept for the legally required period and noted in the receipt, rather than silently dropped.

All requests require a bearer API key. See authentication.

Create a data export

POST /v2/data-exports

Assembles and stores the export bundle inline. No request body.

curl -X POST https://api.zumik.ai/v2/data-exports \
  -H "Authorization: Bearer $ZUMIK_API_KEY"
{
  "id": "exp_01jy7nst01u3v4w5x6y7z8a9b2",
  "object": "data_export",
  "project_id": "prj_01jy7n0a4c8m2t6v9q3wrxk7bd",
  "created_at": "2026-06-15T16:45:09Z",
  "status": "completed",
  "format": "json",
  "data": {
    "project": { "id": "prj_01jy7n0a4c8m2t6v9q3wrxk7bd", "name": "Acme" },
    "billing_account": { "...": "..." },
    "usage_events": [],
    "artifacts": [],
    "sessions": [],
    "provider_credentials": [],
    "subscription_credentials": [],
    "regional_policy": null,
    "retention_profile": null,
    "audit_log": []
  }
}
idstring

Opaque export id, prefixed exp_.

objectstring

Always data_export.

project_idstring

The owning project.

created_atstring

RFC 3339 creation timestamp.

statusstring

Always completed.

formatstring

Always json.

dataobject

The exported bundle: project, billing account, usage events, artifacts, sessions, provider and subscription credentials, regional policy, retention profile, and audit log.

Retrieve a data export

GET /v2/data-exports/{export_id}

export_idstringpathrequired

The exp_... id to fetch.

curl https://api.zumik.ai/v2/data-exports/exp_01jy7nst01u3v4w5x6y7z8a9b2 \
  -H "Authorization: Bearer $ZUMIK_API_KEY"

Returns the same stored export object.

Create a deletion request

POST /v2/deletion-requests

Erases the project's retained data, bumps the namespace generation, and returns a signed receipt. No request body. Billing records are intentionally kept.

curl -X POST https://api.zumik.ai/v2/deletion-requests \
  -H "Authorization: Bearer $ZUMIK_API_KEY"
{
  "id": "del_01jy7ntu12v4w5x6y7z8a9b0c3",
  "object": "deletion_request",
  "project_id": "prj_01jy7n0a4c8m2t6v9q3wrxk7bd",
  "requested_at": "2026-06-15T16:46:40Z",
  "completed_at": "2026-06-15T16:46:40Z",
  "status": "completed",
  "erased": {
    "artifacts": 12,
    "sessions": 3,
    "usage_events": 124,
    "namespace_generation": 4
  },
  "retained": {
    "billing_records": "retained for the legally-required tax period"
  },
  "guarantee": "verified_namespace_invalidation",
  "receipt_digest": "sig_a18f...9c"
}
idstring

Opaque deletion-request id, prefixed del_.

objectstring

Always deletion_request.

project_idstring

The owning project.

requested_atstring

RFC 3339 request timestamp.

completed_atstring

RFC 3339 completion timestamp.

statusstring

Always completed.

erasedobject

Counts of what was erased, plus the new namespace_generation.

retainedobject

Records kept for legal or tax compliance, with the basis.

guaranteestring

Always verified_namespace_invalidation.

receipt_digeststring

A SHA-256 receipt digest, prefixed sig_. Recompute it to confirm integrity.

Retrieve a deletion request

GET /v2/deletion-requests/{deletion_id}

deletion_idstringpathrequired

The del_... id to fetch.

curl https://api.zumik.ai/v2/deletion-requests/del_01jy7ntu12v4w5x6y7z8a9b0c3 \
  -H "Authorization: Bearer $ZUMIK_API_KEY"

Returns the same stored deletion request.

Errors

StatusCodeWhen
401invalid_api_keyMissing or invalid API key.
404invalid_request_errorThe export or deletion request does not exist in this project.

See the full table on errors.

On this page