I led a one-month build of an in-house deletion API, removing six-figure annual licensing costs.
Regulatory deletion reaches into every store that holds customer data. A request is not done until we can verify its result across those systems. The existing vendor workflow was expensive and put a core legal obligation outside our control, so I built the in-house replacement.
The requirements kept changing as new stores and retention rules arrived. I separated the business rules from the storage layer, which meant we could adapt the underlying systems without rewriting the core logic.
| Vendor cost | six figures annually |
| Deletion verification | across the data platform |
| Delivery | one month |
| Vendor dependency | removed from the request path |
What I'd do differently:I would define, validate, and version the data contract on day one. The first version relied too much on one system's document shape, which made later changes harder to reason about.