Privacy Endpoints
The privacy endpoints manage data classifications, sensitivity levels, and compliance-related metadata for tenant data assets. Served by PrivacyController at /api/v1/privacy.
Endpoints
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/v1/privacy/classifications | Create classification |
| GET | /api/v1/privacy/classifications | List classifications |
| GET | /api/v1/privacy/classifications/:id | Get classification |
| GET | /api/v1/privacy/classifications/name/:name | Get by name |
| GET | /api/v1/privacy/classifications/column | Get for table.column |
| PUT | /api/v1/privacy/classifications/:id | Update classification |
| POST | /api/v1/privacy/classifications/:id/deactivate | Deactivate |
| POST | /api/v1/privacy/classifications/:id/activate | Activate |
| POST | /api/v1/privacy/classifications/:id/review | Mark as reviewed |
| DELETE | /api/v1/privacy/classifications/:id | Delete permanently |
| GET | /api/v1/privacy/classifications/pii | Get PII classifications |
| GET | /api/v1/privacy/classifications/requiring-encryption | Get encryption-required |
| GET | /api/v1/privacy/classifications/requiring-masking | Get masking-required |
| GET | /api/v1/privacy/classifications/high-sensitivity | Get high-sensitivity |
| POST | /api/v1/privacy/classifications/suggest | Auto-suggest classifications |
| POST | /api/v1/privacy/classifications/apply-suggestion | Apply suggestion |
| POST | /api/v1/privacy/classifications/bulk | Bulk create |
| GET | /api/v1/privacy/statistics | Get classification statistics |
Sensitivity Levels
| Level | Description |
|---|---|
PUBLIC | No restrictions on access |
INTERNAL | Restricted to internal users |
CONFIDENTIAL | Restricted to authorized roles |
RESTRICTED | Requires encryption and masking |
TOP_SECRET | Maximum protection, audit all access |
Auto-Suggestion
The suggestion endpoint analyzes column names and data types to recommend classifications:
{
"columns": [
{
"databaseName": "analytics",
"schemaName": "public",
"tableName": "customers",
"columnName": "email_address",
"dataType": "VARCHAR"
}
]
}Returns suggestions with confidence scores and recommended sensitivity levels.
Compliance Flags
Each classification tracks regulatory applicability:
| Flag | Description |
|---|---|
isPii | Personally Identifiable Information |
isPhi | Protected Health Information |
isPci | Payment Card Industry data |
isFinancial | Financial data subject to regulations |
allowCrossBorderTransfer | Whether data can leave its region |