Skip to content

Commit

Permalink
GDPR documentation (#606)
Browse files Browse the repository at this point in the history
  • Loading branch information
tbarbugli authored Jun 26, 2024
2 parents b570985 + 90c10e2 commit b7199b3
Show file tree
Hide file tree
Showing 6 changed files with 276 additions and 0 deletions.
4 changes: 4 additions & 0 deletions docusaurus/video/docusaurus/docs/api/gdpr/_category_.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
{
"label": "GDPR",
"position": 7
}
90 changes: 90 additions & 0 deletions docusaurus/video/docusaurus/docs/api/gdpr/calls.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,90 @@
---
id: calls
sidebar_position: 3
slug: /gdpr/calls
title: Calls
---

import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';


## Calls deletion

You can either soft-delete or hard-delete a call and all its related data (members, sessions, recordings, transcriptions).

### Soft delete

Soft-delete a call means that the call and all its related data will not be completely removed from our system but will no longer be accessible via the API.


<Tabs groupId="examples">
<TabItem value="js" label="JavaScript">

```js
// soft-delete a call
const resp = await call.delete({
hard: false,
})
// resp.call contains call information
```

</TabItem>
<TabItem value="curl" label="cURL">

```bash
# Soft-delete a call
curl -X POST "https://video.stream-io-api.com/api/v2/video/call/${CALL_TYPE}/${CALL_ID}/delete?api_key=${API_KEY}" \
-H "Authorization: ${TOKEN}" \
-H "stream-auth-type: jwt" \
-H "Content-Type: application/json" \
-d '{
"hard": false
}'
```
</TabItem>
</Tabs>


### Hard delete

:::note

_This endpoint requires a server-side authentication._

:::

Hard-delete a call means that the call and all its related data will be completely wiped out from our system.
This action is irrevocable, and the data cannot be recovered.

This operation is done asynchronously and you can use the returned `task_id` to monitor its progress.
See [how to monitor an async task](../../misc/async).

<Tabs groupId="examples">
<TabItem value="js" label="JavaScript">

```js
// hard-delete a call
const resp = await call.delete({
hard: true,
});
// resp.call contains call information
// resp.task_id is the ID to be used for monitoring the task
```

</TabItem>
<TabItem value="curl" label="cURL">

```bash
# Hard-delete a call
curl -X POST "https://video.stream-io-api.com/api/v2/video/call/${CALL_TYPE}/${CALL_ID}/delete?api_key=${API_KEY}" \
-H "Authorization: ${TOKEN}" \
-H "stream-auth-type: jwt" \
-H "Content-Type: application/json" \
-d '{
"hard": true
}'
```

</TabItem>
</Tabs>
39 changes: 39 additions & 0 deletions docusaurus/video/docusaurus/docs/api/gdpr/overview.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
---
id: gdpr_overview
sidebar_position: 1
slug: /gdpr/overview
title: Overview
---

import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';


Companies conducting business within the European Union are legally required to comply with the General Data Protection Regulation (GDPR).

While many aspects of this regulation may not significantly affect your integration with Stream, the GDPR provisions regarding the right to data access and the right to erasure are directly pertinent.

These provisions relate to data that is stored and managed on Stream's servers.

## The Right to Access Data

GDPR gives EU citizens the right to request access to their information and the right to have access to this information in a portable format. Stream covers this requirement with the user export method.

This method can only be used with server-side authentication.

Check [user export documentation](users.mdx/#users-export) to see how to use it.

## The Right to Erasure

The GDPR also grants EU citizens the right to request the deletion of their personal information.

Stream offers mechanisms to delete users and calls in accordance with various use cases, ensuring compliance with these regulations.

### Delete calls

Calls can be deleted in two different ways: "soft" or "hard", each with distinct implications.

- Soft-delete: the call details and all related data remain stored on Stream's servers but will no longer be accessible via the API.
- Hard-delete: all data is completely removed from Stream's servers, making it impossible to export.

Check [calls deletion documentation](calls.mdx) for more information.
86 changes: 86 additions & 0 deletions docusaurus/video/docusaurus/docs/api/gdpr/users.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
---
id: users
sidebar_position: 2
slug: /gdpr/users
title: Users
---

import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';


## Users export

:::note

_This endpoint requires a server-side authentication._

:::

Stream allows you to export users with their data, including the calls they participated in.
The operation is performed asynchronously, so calling this endpoint will return a task ID that you can use to [monitor the execution of the export](../../misc/async).

Once the task is completed, the result of the `GetTask` endpoint call will contain a URL to the file.

<Tabs groupId="examples">
<TabItem value="js" label="JavaScript">

```js
// export users
let resp = await client.exportUsers([userid1,userid2]);
// resp.task_id is the ID to be used for monitoring the task

// when the export is done and the task is completed, an URL is returned to have access to the file
resp = await client.get_task(resp.task_id)
console.log(resp)
// output:
{
"task_id": "123",
"status": "completed",
"result": {
"url": https://link/to/file.json'
}
}
```

</TabItem>
</Tabs>


## Users deletion

:::note

_This endpoint requires a server-side authentication._

:::

Stream allows you to delete users and optionally the calls they were part of.
Note that this apply only to 1:1 calls, not group calls.

This operation is done asynchronously and you can use the returned `task_id` to monitor its progress.
See [how to monitor an async task](../../misc/async).

Deleting a user accepts some parameters

| param | type | description | required |
|----------|----------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|
| user_ids | array | List of users who will be deleted ||
| user | enum (soft, pruning, hard) | **Soft:** marks user as deleted and retains all user data. (default) **Pruning:** marks user as deleted and nullifies user information. **Hard:** deletes user completely | |
| calls | enum (soft, hard) | **Soft:** marks calls and related data as deleted. **Hard:** deletes calls and related data completely | |


<Tabs groupId="examples">
<TabItem value="js" label="JavaScript">

```js
// hard delete users
let resp = await client.deleteUsers([userid1,userid2], { user: 'hard' });
// resp.task_id is the ID to be used for monitoring the task

// hard delete users and soft delete calls
resp = await client.deleteUsers([userid1,userid2], { user: 'hard', calls: 'soft' });
// resp.task_id is the ID to be used for monitoring the task
```
</TabItem>
</Tabs>
4 changes: 4 additions & 0 deletions docusaurus/video/docusaurus/docs/api/misc/_category_.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
{
"label": "MISC",
"position": 7
}
53 changes: 53 additions & 0 deletions docusaurus/video/docusaurus/docs/api/misc/async.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
---
id: async_operation
sidebar_position: 1
slug: /misc/async
title: Asynchronous operations
---

import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';


Certain operations, such as deleting a call or deleting a user, require additional time and processing power. As a result, these operations are executed asynchronously.

### Monitoring tasks

You can monitor these tasks using the `GetTask` endpoint. Calling this endpoint will provide information such as:
- `status`: Current status of the task (see statuses below for more details)
- `result`: Result of the task, depending on the nature of the task
- `error`: If the task failed, this will contain information about the failure

### Task Statuses

The task can have the following statuses:
- `pending`: Task is pending and not running yet
- `running`: Task is running and not completed yet
- `completed`: Task is completed and successfully executed
- `failed`: Task failed during its execution

### Example

Asynchronous operations will return an ID, which you can use to monitor the task. Here's an example:
<Tabs groupId="examples">
<TabItem value="js" label="JavaScript">

```js
// hard-delete a callm which will be executed asynchronously
let resp;
resp = await call.delete({hard: true})

// resp contains the task ID
resp = await client.get_task(resp.task_id)
console.log(resp)
// output:
{
"task_id": "123",
"status": "running",
"error": null, // will be present only if there is an error
"result": {} // will be present only if the task returns a result
}
```

</TabItem>
</Tabs>

0 comments on commit b7199b3

Please sign in to comment.