Adfinia. ← Back to adfinia.com
Legal · Your Rights

Data-subject rights request

Response window30 days (60 if complex)
CostFree, unless manifestly excessive
Governing regimesGDPR · UK GDPR · DPDP · PDPL
Last updated2026-05-16
This is a working draft, pending external legal review. The request flow below is operational; the response timelines and identity-verification language are pending review by external counsel and may change before commercial publication. To raise comments, write to support@adfinia.com with subject "Rights".

How this works

If your data is in Adfinia because we collected it directly (you signed up, you visited our website, you contacted us), file the request below. If your data is in Adfinia because a customer of ours uploaded it, route the request to that customer — they are the controller and we assist them in responding.

Use the form on the right to submit a request. Adfinia will:

  1. Acknowledge receipt within 5 business days.
  2. Verify your identity before processing the request — see Identity verification below.
  3. Respond within 30 days, extendable to 60 days for complex requests (Art. 12(3) GDPR; aligned timelines under DPDP and PDPL).
  4. Provide our response in writing, free of charge, unless the request is manifestly unfounded or excessive (in which case we will explain why and either refuse or charge a reasonable fee, with a route to appeal).

What you can ask for

  • Access — a copy of the personal data we hold about you, the purposes of processing, the recipients, and the storage period.
  • Rectification — correction of inaccurate or incomplete data.
  • Erasure ("right to be forgotten") — deletion of personal data where a GDPR / DPDP / PDPL ground applies.
  • Portability — a structured, machine-readable copy of personal data you provided to us, and onward transmission to a controller you nominate.
  • Restriction — limit processing while a dispute or accuracy check is resolved.
  • Objection — object to processing based on legitimate interest, including profiling that produces legal or similarly significant effects.

Identity verification

To prevent unauthorised disclosure, Adfinia verifies the identity of the requester before acting on access, erasure, portability, or rectification requests. The verification step is proportional to the sensitivity of the data:

  • Visitor or prospect data — confirmation from the email address we have on record is sufficient.
  • Account holder data — login to the Adfinia console; the request can then be filed from inside /settings/privacy with the session-bound identity used as the verification.
  • Sensitive or high-risk data — we may ask for a redacted government ID or a one-time code mailed to the postal address we have on record. We will explain why before asking.

We do not retain verification documents beyond what is necessary to confirm identity, and we never use them for any purpose other than verification.

If we can't act

We may decline or partially fulfil a request where:

  • The data is held by a customer of Adfinia (you are a contact, not a Customer). We will route the request to the customer and notify you.
  • The request would breach the rights of another person (for example, a request that exposes a third party's data).
  • Mandatory law requires us to retain the data (tax records, anti-money-laundering, court order).

Where we decline, we will explain why and tell you how to appeal — including the right to lodge a complaint with your supervisory authority (in the EU, your national DPA; in the UK, the ICO; in India, the Data Protection Board; in the UAE, the UAE Data Office).