Data export and erasure
How data-subject requests work with Syncanix — submitting access, export, and erasure requests, the response windows, and who does what.
Your users have data rights; Syncanix is built to help you honor them. This guide covers the request flow, the response windows we commit to, and the controller/processor split — what you handle, and what we handle for you.
The requests and how to submit them
Five request types are supported under GDPR Articles 15–22: access, erasure, portability (export), rectification, and objection. Submit them through the data-subject request form on the trust pages, or by email — the same response windows apply either way. Every request is acknowledged immediately with a reference ID and an expected completion date.
Response windows
Requests are acknowledged within 24 hours and fulfilled within 30 days, in line with GDPR Article 12. Erasure covers the conversation data Syncanix processes for the affected user; portability delivers the data in a machine-readable format within the same 30-day window.
Who does what
Toward your users, YOU are the controller: your privacy notice names the rights and the channel, and requests from your users normally arrive through you. Syncanix is your processor — we execute the request against the data we process for you and assist you within the same windows. If a user contacts Syncanix directly, the same SLAs apply.
Leaving with your data
Offboarding is a data right too: your agreement includes a data-export window after termination, so you can take your conversation history and configuration with you before deletion. Start the export by contacting support before the window closes.