Envello
Trust

GDPR's right to erasure and transactional email: what actually has to happen

Envello Team·2026-07-16·5 min read

GDPR's right to erasure (Article 17) lets a data subject request deletion of their personal data. For a transactional email API, this comes up in a specific, narrower way than it does for a marketing platform: Envello is a processor acting on your instructions, not the controller of your end users' data, so an erasure request from one of your recipients is something your business fulfills, with Envello's infrastructure as part of how that happens.

What actually gets deleted, and how

Envello's retention job does real, hard deletion of event and log data past your account's configured retention window, it doesn't soft-hide rows and keep them queryable. Free tier defaults to 7 days, Pro to 90, and Scale allows a configurable window from 7 to 365 days. That retention window is the actual deletion mechanism: data doesn't persist indefinitely waiting for someone to request its removal, it ages out on a schedule you control.

The honest gap: there's no separate "erasure request" button

If you need to fulfill a specific recipient's erasure request faster than your retention window would naturally clear their data, that's not currently a self-serve, per-recipient deletion feature. The practical options today are shortening your account's retention window (which affects future data going forward, not a retroactive purge, since J4's retention changes are forward-only by design) or reaching out directly for a manual deletion if a specific record needs to go sooner than that.

What this means for your own compliance process

If a recipient sends your business an erasure request, the email content and delivery metadata Envello holds on your behalf will already be gone once it ages past your configured retention window, often before you'd even need to act. For anything more time-sensitive, treat Envello the way you'd treat any processor: know the actual deletion mechanism (the retention job, not a marketing promise) and factor its timeline into your own erasure-request process.

Envello

EU-hosted transactional email, done right by default.