Back up existing submissions, if you need them, before implementing.
The set up makes use of Netlify API and requires an access token. The token must be added to the projects environment variables in Netlify.
Important: Personal access token are private tokens. They should not be shares it with anybody and should not be committed into repositories.
example.com_contact-form
.NETLIFY_API_ACCESS_TOKEN
Iq1Ty4S7TZxylm7QsOVFJBc1DwxIGjE_w8LJHOOVm_o
Making use of file-based configuration with netlify.toml
, we can define the location of the function, which deletes the form submissions.
netlify.toml
yet, ceate this file in your projects base directory.[build]
section, add the line functions = "netlify/functions"
to it.netlify.toml
is a newly created file, add the following 2 lines to it:[build]
functions = "netlify/functions"
The path netlify/functions
is the default path in which Netlify looks for functions. Adjust it as needed.
netlify
directory.netlify
directory, create a functions
directory. This is the default location for Netlify to look for functions.submission-created.js
. The name follows the naming convention for Netlify triggers and should not be changed.submission-created.js
file./*
Supports GDPR conformity of contact form submissions on Netlify.
process.env.SITE_ID variable is one of Netlify's built-in env vars. It is defined as the ID specific to the site on Netlify.
*/
// require netlify package as a dependency
const NetlifyAPI = require('netlify')
exports.handler = async function (event, context) {
const client = new NetlifyAPI(process.env.NETLIFY_API_ACCESS_TOKEN)
const submissions = await client
.listSiteSubmissions({
site_id: process.env.SITE_ID,
})
.catch((e) => console.log('Error getting submissions', e))
if (submissions.length) {
for (i = 0; i < submissions.length; i++) {
await client.deleteSubmission({ submission_id: submissions[i].id })
}
return {
statusCode: 200,
body: 'All submissions deleted',
}
} else {
return {
statusCode: 200,
body: 'No submissions to delete',
}
}
}
The submission-created.js
function will be triggered when a form submission is verified for your site.
package.json
file in your project, create a default package.json
file now, by running npm init --yes
.package.json
, add netlify
as a dependency:"dependencies": {
"netlify": "^4.3.13"
}
npm install netlify-lambda --save-dev
to install the netlify-lambda
package as a dev dependency.package.json
and add "postinstall": "netlify-lambda install"
in the scripts
section:"scripts": {
"postinstall": "netlify-lambda install",
}
If there are errors, they will be mentioned in the Netlify deploy log file. Make sure to test everything in production.
With the next form submission, all previous submissions will be deleted. You should see something like this:
"No remaining verified submissions
This form’s verified submissions have all been deleted or marked as spam."
Sources and recommended, further resources on the topic:
package.json
fileLicense: Netlify: Delete form submissions (GDPR) by Jonas Jared Jacek is licensed under CC BY-SA 4.0.
This license requires that reusers give credit to the creator. It allows reusers to distribute, remix, adapt, and build upon the material in any medium or format, for noncommercial purposes only. To give credit, provide a link back to the original source, the author, and the license e.g. like this:
<p xmlns:cc="http://creativecommons.org/ns#" xmlns:dct="http://purl.org/dc/terms/"><a property="dct:title" rel="cc:attributionURL" href="https://www.ditig.com/instructions/netlify-delete-form-submissions">Netlify: Delete form submissions (GDPR)</a> by <a rel="cc:attributionURL dct:creator" property="cc:attributionName" href="https://www.j15k.com/">Jonas Jared Jacek</a> is licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/" target="_blank" rel="license noopener noreferrer">CC BY-SA 4.0</a>.</p>
For more information see the DITig legal page.