Permanently delete a contact (GDPR-compliant)
curl --request POST \
--url https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"objectId": "<string>",
"idProperty": "<string>"
}
'import requests
url = "https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete"
payload = {
"objectId": "<string>",
"idProperty": "<string>"
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({objectId: '<string>', idProperty: '<string>'})
};
fetch('https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'objectId' => '<string>',
'idProperty' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete"
payload := strings.NewReader("{\n \"objectId\": \"<string>\",\n \"idProperty\": \"<string>\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"objectId\": \"<string>\",\n \"idProperty\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"objectId\": \"<string>\",\n \"idProperty\": \"<string>\"\n}"
response = http.request(request)
puts response.read_bodyThis response has no body data.{
"message": "Invalid input (details will vary based on the error)",
"correlationId": "aeb5f871-7f07-4993-9211-075dc63e7cbf",
"category": "VALIDATION_ERROR",
"links": {
"knowledge-base": "https://www.hubspot.com/products/service/knowledge-base"
}
}GDPR
Permanently delete a contact (GDPR-compliant)
Permanently delete a contact and all associated content to follow GDPR. Use optional property idProperty set to email to identify contact by email address. If email address is not found, the email address will be added to a blocklist and prevent it from being used in the future. Learn more about permanently deleting contacts.
POST
/
crm
/
v3
/
objects
/
contacts
/
gdpr-delete
Permanently delete a contact (GDPR-compliant)
curl --request POST \
--url https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"objectId": "<string>",
"idProperty": "<string>"
}
'import requests
url = "https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete"
payload = {
"objectId": "<string>",
"idProperty": "<string>"
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({objectId: '<string>', idProperty: '<string>'})
};
fetch('https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'objectId' => '<string>',
'idProperty' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete"
payload := strings.NewReader("{\n \"objectId\": \"<string>\",\n \"idProperty\": \"<string>\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"objectId\": \"<string>\",\n \"idProperty\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.hubapi.com/crm/v3/objects/contacts/gdpr-delete")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"objectId\": \"<string>\",\n \"idProperty\": \"<string>\"\n}"
response = http.request(request)
puts response.read_bodyThis response has no body data.{
"message": "Invalid input (details will vary based on the error)",
"correlationId": "aeb5f871-7f07-4993-9211-075dc63e7cbf",
"category": "VALIDATION_ERROR",
"links": {
"knowledge-base": "https://www.hubspot.com/products/service/knowledge-base"
}
}Supported products
Supported products
Required Scopes
Required Scopes
Authorizations
The access token received from the authorization server in the OAuth 2.0 flow.
Body
application/json
Response
Last modified on March 30, 2026
Was this page helpful?
⌘I