> ## Documentation Index
> Fetch the complete documentation index at: https://developers.pcibooking.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Delete CVV Retention Policy

> Delete the entire CVV retention policy for a token, reverting to the system-wide default.

Deletes all destination restrictions for this token. The token will revert to the [system-wide default retention policy](/capture-cards/cvv-retention-policy#setting-the-account-wide-default).

<Card title="CVV Retention Policy Guide" icon="book" href="/capture-cards/cvv-retention-policy">
  Control how long CVV data is retained and who can use it
</Card>

## Error Responses

| Code    | HTTP Status | Condition                                                                                                        |
| ------- | ----------- | ---------------------------------------------------------------------------------------------------------------- |
| `-1003` | `401`       | API key is missing or invalid.                                                                                   |
| `-1003` | `401`       | Authenticated user does not have `ForceCVVRetentionPolicy` permission.                                           |
| `-1003` | `401`       | Token does not belong to the authenticated user.                                                                 |
| `-125`  | `400`       | The token does not have a CVV stored.                                                                            |
| `-1010` | `423`       | The retention policy is locked. Either the 60-minute update window has passed, or the CVV has already been used. |
| `-150`  | `500`       | An internal system error occurred.                                                                               |

## Parameters

### Headers

<ParamField header="Authorization" type="string" required>
  Your API key prefixed with `APIKEY`. Example: `APIKEY your-api-key`. See the [Authentication guide](/getting-started/authentication).
</ParamField>

### Path Parameters

<ParamField path="cardToken" type="string" required>
  The token ID as returned by one of the tokenization methods.
</ParamField>

<RequestExample>
  ```javascript Node.js theme={null}
  const response = await fetch(
    'https://service.pcibooking.net/api/payments/paycard/2821a46d80e14d1b96a7f18f1b81926d/cvv/Restriction',
    {
      method: 'DELETE',
      headers: {
        'Authorization': 'APIKEY your-api-key'
      }
    }
  );

  console.log(response.status);
  ```

  ```python Python theme={null}
  import requests

  response = requests.delete(
      'https://service.pcibooking.net/api/payments/paycard/2821a46d80e14d1b96a7f18f1b81926d/cvv/Restriction',
      headers={'Authorization': 'APIKEY your-api-key'}
  )

  print(response.status_code)
  ```
</RequestExample>

## Response

**200** - Policy deleted. Empty JSON object.

<ResponseExample>
  ```text 200 theme={null}
  CVV retention policy deleted successfully. No content returned.
  ```

  ```json 401 theme={null}
  {
      "code": -1003,
      "message": "Not authorized to access this resource",
      "moreInfo": "Bad or missing authorization data, expected APIKEY",
      "errorList": null
  }
  ```
</ResponseExample>
