Privacy Issues
Handling privacy requests, GDPR inquiries, and email subscription management.
Common Privacy Requests
- Data access request (GDPR Art. 15) — 30 days → Data Access Requests
- Data deletion request (GDPR Art. 17) — 30 days → Data Deletion Requests
- Email unsubscribe — Immediate → Email Subscription Issues
- Cookie preferences — Immediate → Cookie Policy
Quick Reference
GDPR Rights Summary
- Right of Access — Request copy of personal data (Yes)
- Right to Rectification — Correct inaccurate data (Yes)
- Right to Erasure — Request deletion of data (Conditional)
- Right to Restrict Processing — Limit how data is used (Yes)
- Right to Data Portability — Receive data in machine-readable format (Yes)
- Right to Object — Object to certain processing (Yes)
When Deletion is NOT Possible
Data cannot be deleted when:
- Legal obligations require retention (AML, tax records)
- Ongoing dispute or investigation
- Active financial transactions pending
- Required to establish, exercise, or defend legal claims
Escalation Path
- Standard requests → Support Team
- Complex requests → CIO review
- Legal disputes → CEO + Legal counsel