Compliance API
The GDPR / data-subject-rights surface. All routes are under
/api/v1/projects/{projectId}/memory-compliance.
The data-subject actions (export, hard-delete, audit) require the
memory.compliance entitlement (Growth tier and up). Without it the engine
returns FEATURE_DISABLED with an upgrade prompt.
Subject export (Art. 15)
POST /memory-compliance/export
Right of access. Returns every memory, pattern, observation, event, and alert fire that references the named subject, in a single bundle a controller can hand to the data subject.
{ "subject": { "kind": "customer", "externalId": "acct-42" } }Response (the JSON bundle is parsed at the edge):
{
"subject": { "kind": "customer", "externalId": "acct-42" },
"export": { "memories": [], "patterns": [], "observations": [], "events": [], "alert_fires": [] },
"counts": { "memories": 12, "patterns": 3, "observations": 40, "events": 5, "alertFires": 1 },
"generatedAt": "2026-07-13T00:00:00Z",
"durationMs": 22
}Hard delete (Art. 17)
POST /memory-compliance/hard-delete
Right to erasure. Cascade-deletes every artifact tied to a subject — memories, derived patterns + observations, the subject’s events, and the alert fires referencing those events — and writes a single tombstone audit row so the deletion itself stays discoverable.
{
"subject": { "kind": "customer", "externalId": "acct-42" },
"reason": "DSR-2026-0142",
"dryRun": true
}reason is required (it lands on the tombstone — carry a case id). Set
dryRun: true for a counts-only preview that touches no rows:
{
"subject": { "kind": "customer", "externalId": "acct-42" },
"memoriesDeleted": 12,
"patternsDeleted": 3,
"observationsDeleted": 40,
"eventsDeleted": 5,
"alertFiresDeleted": 1,
"dryRun": true,
"auditEventId": null,
"generatedAt": "2026-07-13T00:00:00Z",
"durationMs": 8
}Audit log
GET /memory-compliance/audit?subjectKind=…&subjectExternalId=…&actor=…&eventTypes=…&since=…&limit=…
The “who accessed my data and when” surface (Art. 15 + EU AI Act audit-trail).
Pass a subject to narrow to one person’s access log. Each row carries actor,
eventType, the query, touched memoryIds, resultCount, and parsed
metadata.
Installed packs
GET /memory-compliance/packs
List the compliance packs loaded into the engine (HIPAA, GDPR, etc.) — manifests
only, surfaced for tenant transparency about which redaction / consent rules are
active. Each manifest carries id, version, description, ownsClasses, and
regulatoryTags. This route is read-tier and not entitlement-gated.