diff --git tests/phpunit/includes/testcase-ajax.php tests/phpunit/includes/testcase-ajax.php
index bf5a5bc..736d362 100644
--- tests/phpunit/includes/testcase-ajax.php
+++ tests/phpunit/includes/testcase-ajax.php
@@ -119,6 +119,8 @@ abstract class WP_Ajax_UnitTestCase extends WP_UnitTestCase {
 		'delete-theme',
 		'install-theme',
 		'get-post-thumbnail-html',
+		'wp-privacy-export-personal-data',
+		'wp-privacy-erase-personal-data',
 	);
 
 	public static function setUpBeforeClass() {
diff --git tests/phpunit/tests/ajax/PrivacyErasePersonalData.php tests/phpunit/tests/ajax/PrivacyErasePersonalData.php
new file mode 100644
index 0000000..ea048f9
--- /dev/null
+++ tests/phpunit/tests/ajax/PrivacyErasePersonalData.php
@@ -0,0 +1,202 @@
+<?php
+/**
+ * Testing Ajax handler for erasing personal data.
+ *
+ * @package WordPress\UnitTests
+ *
+ * @since 4.9.7
+ */
+
+/**
+ * Tests_Ajax_PrivacyExportPersonalData class.
+ *
+ * @since 4.9.7
+ *
+ * @group ajax
+ * @group privacy
+ * @covers wp_ajax_wp_privacy_erase_personal_data
+ */
+class Tests_Ajax_PrivacyErasePersonalData extends WP_Ajax_UnitTestCase {
+	/**
+	 * User Request ID.
+	 *
+	 * @since 4.9.7
+	 *
+	 * @var int
+	 */
+	protected static $request_id;
+
+	/**
+	 * User Request Email.
+	 *
+	 * @since 4.9.7
+	 *
+	 * @var string
+	 */
+	protected static $request_email;
+
+	/**
+	 * Create user erase request fixtures.
+	 *
+	 * @param WP_UnitTest_Factory $factory Factory.
+	 */
+	public static function wpSetUpBeforeClass( $factory ) {
+		self::$request_email = 'requester@example.com';
+		self::$request_id    = wp_create_user_request( self::$request_email, 'remove_personal_data' );
+	}
+
+	/**
+	 * Register a custom personal data eraser.
+	 */
+	public function setUp() {
+		parent::setUp();
+
+		// Make sure the erasers response is not modified and avoid e.g. sending emails.
+		remove_all_filters( 'wp_privacy_personal_data_erasure_page' );
+		remove_all_actions( 'wp_privacy_personal_data_erased' );
+
+		// Only use our custom privacy personal data eraser.
+		remove_all_filters( 'wp_privacy_personal_data_erasers' );
+		add_filter( 'wp_privacy_personal_data_erasers', array( $this, 'register_custom_personal_data_eraser' ) );
+	}
+
+	/**
+	 * The function should successfully send exporters response data when the current user has the required capabilites.
+	 *
+	 * @ticket 43438
+	 */
+	public function test_wp_ajax_wp_privacy_export_personal_data_should_success_when_current_user_has_required_capabilities() {
+		$this->_setRole( 'administrator' );
+		$this->assertTrue( current_user_can( 'erase_others_personal_data' ) );
+		$this->assertTrue( current_user_can( 'delete_users' ) );
+
+		// Set up a request.
+		$_POST['action']   = 'wp-privacy-erase-personal-data';
+		$_POST['security'] = wp_create_nonce( 'wp-privacy-erase-personal-data-' . self::$request_id );
+		$_POST['eraser']   = 1;
+		$_POST['page']     = 1;
+		$_POST['id']       = self::$request_id;
+
+		// Make the request.
+		try {
+			$this->_handleAjax( $_POST['action'] );
+		} catch ( WPAjaxDieContinueException $e ) {
+			unset( $e );
+		}
+
+		// Get the response.
+		$response = json_decode( $this->_last_response, true );
+
+		$this->assertTrue( $response['success'] );
+		$this->assertSame( 'A message regarding retained data for requester@example.com.', $response['data']['messages'][0] );
+		$this->assertTrue( $response['data']['items_removed'] );
+		$this->assertTrue( $response['data']['items_retained'] );
+		$this->assertTrue( $response['data']['done'] );
+	}
+
+	/**
+	 * The function should send an error when the current user is missing required capabilities.
+	 *
+	 * @ticket 43438
+	 */
+	public function test_wp_ajax_wp_privacy_erase_personal_data_should_error_when_current_user_missing_required_capabilities() {
+		$this->_setRole( 'author' );
+		$this->assertFalse( current_user_can( 'erase_others_personal_data' ) );
+		$this->assertFalse( current_user_can( 'delete_users' ) );
+
+		// Set up a request.
+		$_POST['action']   = 'wp-privacy-erase-personal-data';
+		$_POST['security'] = wp_create_nonce( 'wp-privacy-erase-personal-data-' . self::$request_id );
+		$_POST['eraser']   = 1;
+		$_POST['page']     = 1;
+		$_POST['id']       = self::$request_id;
+
+		// Make the request.
+		try {
+			$this->_handleAjax( $_POST['action'] );
+		} catch ( WPAjaxDieContinueException $e ) {
+			unset( $e );
+		}
+
+		// Get the response.
+		$response = json_decode( $this->_last_response, true );
+
+		$this->assertFalse( $response['success'] );
+		$this->assertSame( 'Invalid request.', $response['data'] );
+	}
+
+	/**
+	 * The function should send error when the request ID is missing.
+	 *
+	 * @ticket 43438
+	 */
+	public function test_wp_ajax_wp_privacy_erase_personal_data_should_error_when_missing_request_id() {
+		$this->_setRole( 'administrator' );
+
+		$this->assertNotWPError( self::$request_id );
+
+		// Set up a request.
+		$_POST['action']   = 'wp-privacy-erase-personal-data';
+		$_POST['security'] = wp_create_nonce( 'wp-privacy-erase-personal-data-' . self::$request_id );
+		$_POST['eraser']   = 1;
+		$_POST['page']     = 1;
+		$_POST['id']       = null; // Missing request ID.
+
+		// Make the request.
+		try {
+			$this->_handleAjax( $_POST['action'] );
+		} catch ( WPAjaxDieContinueException $e ) {
+			unset( $e );
+		}
+
+		// Get the response.
+		$response = json_decode( $this->_last_response, true );
+
+		$this->assertFalse( $response['success'] );
+		$this->assertSame( 'Missing request ID.', $response['data'] );
+	}
+
+	/**
+	* Register handler for a custom personal data exporter.
+	*
+	* @since 4.9.7
+	*
+	* @param  array $erasers An array of personal data erasers.
+	* @return array $erasers An array of personal data erasers.
+	*/
+	public function register_custom_personal_data_eraser( $erasers ) {
+		$erasers['custom_exporter'] = array(
+			'eraser_friendly_name' => __( 'Custom Eraser' ),
+			'callback'             => array( $this, 'custom_personal_data_eraser' ),
+		);
+		return $erasers;
+	}
+
+	/**
+	* Custom Personal Data Eraser.
+	*
+	* @since 4.9.7
+	*
+	* @param  string $email_address The comment author email address.
+	* @param  int    $page          Page number.
+	* @return array  $return        Erase data.
+	*/
+	public function custom_personal_data_eraser( $email_address, $page = 1 ) {
+		if ( 1 === $page ) {
+			return array(
+				'items_removed'  => true,
+				'items_retained' => true,
+				'messages'       => array( sprintf( 'A message regarding retained data for %s.', $email_address ) ),
+				'done'           => true,
+			);
+		}
+
+		return array(
+			'items_removed'  => false,
+			'items_retained' => false,
+			'messages'       => array(),
+			'done'           => true,
+		);
+	}
+
+}
diff --git tests/phpunit/tests/ajax/PrivacyExportPersonalData.php tests/phpunit/tests/ajax/PrivacyExportPersonalData.php
new file mode 100644
index 0000000..cdbcbff
--- /dev/null
+++ tests/phpunit/tests/ajax/PrivacyExportPersonalData.php
@@ -0,0 +1,210 @@
+<?php
+/**
+ * Testing Ajax handler for exporting personal data.
+ *
+ * @package WordPress\UnitTests
+ *
+ * @since 4.9.7
+ */
+
+/**
+ * Tests_Ajax_PrivacyExportPersonalData class.
+ *
+ * @since 4.9.7
+ *
+ * @group ajax
+ * @group privacy
+ * @covers wp_ajax_wp_privacy_export_personal_data
+ */
+class Tests_Ajax_PrivacyExportPersonalData extends WP_Ajax_UnitTestCase {
+	/**
+	 * User Request ID.
+	 *
+	 * @since 4.9.7
+	 *
+	 * @var int
+	 */
+	protected static $request_id;
+
+	/**
+	 * User Request Email.
+	 *
+	 * @since 4.9.7
+	 *
+	 * @var string
+	 */
+	protected static $request_email;
+
+	/**
+	 * Create user export request fixtures.
+	 *
+	 * @param WP_UnitTest_Factory $factory Factory.
+	 */
+	public static function wpSetUpBeforeClass( $factory ) {
+		self::$request_email = 'requester@example.com';
+		self::$request_id    = wp_create_user_request( self::$request_email, 'export_personal_data' );
+	}
+
+	/**
+	 * Register a custom personal data exporter.
+	 */
+	public function setUp() {
+		parent::setUp();
+
+		// Make sure the exporter response is not modified and avoid e.g. writing export file to disk.
+		remove_all_filters( 'wp_privacy_personal_data_export_page' );
+
+		// Only use our custom privacy personal data exporter.
+		remove_all_filters( 'wp_privacy_personal_data_exporters' );
+		add_filter( 'wp_privacy_personal_data_exporters', array( $this, 'register_custom_personal_data_exporter' ) );
+	}
+
+	/**
+	 * The function should successfully send exporter data response when the current user has the required capability.
+	 *
+	 * @ticket 43438
+	 */
+	public function test_wp_ajax_wp_privacy_export_personal_data_should_success_when_current_user_has_required_capability() {
+		$this->_setRole( 'administrator' );
+		$this->assertTrue( current_user_can( 'export_others_personal_data' ) );
+
+		$this->assertNotWPError( self::$request_id );
+
+		// Set up a request.
+		$_POST['action']      = 'wp-privacy-export-personal-data';
+		$_POST['security']    = wp_create_nonce( 'wp-privacy-export-personal-data-' . self::$request_id );
+		$_POST['exporter']    = 1;
+		$_POST['page']        = 1;
+		$_POST['id']          = self::$request_id;
+		$_POST['sendAsEmail'] = false;
+
+		// Make the request.
+		try {
+			$this->_handleAjax( $_POST['action'] );
+		} catch ( WPAjaxDieContinueException $e ) {
+			unset( $e );
+		}
+
+		// Get the response.
+		$response = json_decode( $this->_last_response, true );
+
+		$this->assertTrue( $response['success'] );
+		$this->assertSame( 'custom-exporter-item-id', $response['data']['data']['item_id'] );
+		$this->assertSame( 'Email', $response['data']['data']['data'][0]['name'] );
+		$this->assertSame( self::$request_email, $response['data']['data']['data'][0]['value'] );
+	}
+
+	/**
+	 * The function should successfully send exporters response data when the user is administrator.
+	 *
+	 * @ticket 43438
+	 */
+	public function test_wp_ajax_wp_privacy_export_personal_data_should_error_when_current_user_missing_required_capability() {
+		$this->_setRole( 'author' );
+		$this->assertFalse( current_user_can( 'export_others_personal_data' ) );
+
+		$this->assertNotWPError( self::$request_id );
+
+		// Set up a request.
+		$_POST['action']      = 'wp-privacy-export-personal-data';
+		$_POST['security']    = wp_create_nonce( 'wp-privacy-export-personal-data-' . self::$request_id );
+		$_POST['exporter']    = 1;
+		$_POST['page']        = 1;
+		$_POST['id']          = self::$request_id;
+		$_POST['sendAsEmail'] = false;
+
+		// Make the request.
+		try {
+			$this->_handleAjax( $_POST['action'] );
+		} catch ( WPAjaxDieContinueException $e ) {
+			unset( $e );
+		}
+
+		// Get the response.
+		$response = json_decode( $this->_last_response, true );
+
+		$this->assertFalse( $response['success'] );
+		$this->assertSame( 'Invalid request.', $response['data'] );
+	}
+
+	/**
+	 * The function should send error when the request ID is missing.
+	 *
+	 * @ticket 43438
+	 */
+	public function test_wp_ajax_wp_privacy_export_personal_data_should_error_when_missing_request_id() {
+		$this->_setRole( 'administrator' );
+
+		$this->assertNotWPError( self::$request_id );
+
+		// Set up a request.
+		$_POST['action']      = 'wp-privacy-export-personal-data';
+		$_POST['security']    = wp_create_nonce( 'wp-privacy-export-personal-data-' . self::$request_id );
+		$_POST['exporter']    = 1;
+		$_POST['page']        = 1;
+		$_POST['sendAsEmail'] = false;
+		$_POST['id']          = null; // Missing request ID.
+
+		// Make the request.
+		try {
+			$this->_handleAjax( $_POST['action'] );
+		} catch ( WPAjaxDieContinueException $e ) {
+			unset( $e );
+		}
+
+		// Get the response.
+		$response = json_decode( $this->_last_response, true );
+
+		$this->assertFalse( $response['success'] );
+		$this->assertSame( 'Missing request ID.', $response['data'] );
+	}
+
+	/**
+	* Register handler for a custom personal data exporter.
+	*
+	* @since 4.9.7
+	*
+	* @param  array $exporters An array of personal data exporters.
+	* @return array $exporters An array of personal data exporters.
+	*/
+	public function register_custom_personal_data_exporter( $exporters ) {
+		$exporters['custom_exporter'] = array(
+			'exporter_friendly_name' => __( 'Custom Exporter' ),
+			'callback'               => array( $this, 'custom_personal_data_exporter' ),
+		);
+		return $exporters;
+	}
+
+	/**
+	* Custom Personal Data Exporter.
+	*
+	* @since 4.9.7
+	*
+	* @param  string $email_address The comment author email address.
+	* @param  int    $page          Page number.
+	* @return array  $return        Export data.
+	*/
+	public function custom_personal_data_exporter( $email_address, $page = 1 ) {
+		$data_to_export = array();
+
+		if ( 1 === $page ) {
+			$data_to_export = array(
+				'group_id'    => 'custom-exporter-group-id',
+				'group_label' => 'custom-exporter-group-label',
+				'item_id'     => 'custom-exporter-item-id',
+				'data'        => array(
+					array(
+						'name'  => 'Email',
+						'value' => $email_address,
+					),
+				),
+			);
+		}
+
+		return array(
+			'data' => $data_to_export,
+			'done' => true,
+		);
+	}
+
+}