Exercise your rights under the UK GDPR / EU GDPR. All actions here are effective immediately or begin a 30-day grace window. Contact [email protected] with questions.
Art. 15 & 20 - access + portability. Generates a ZIP of every row we hold linked to your account or entities you own. We email you a one-time download link when it is ready (usually within a few minutes, 24-hour SLA). Rate-limited to one request per day.
Art. 16 - rectification. Keep your name, email, and business details up to date via your main account page. Corrections are effective immediately.
Art. 18 - restrict processing. While paused, login is blocked, analytics and marketing stop, and automated workflows are paused. Your data stays readable via export above. You can resume any time from this page.
Individual opt-in / opt-out per purpose. These write to an append-only consent log (Art. 7(3)) - every change is recorded. PostHog, third-party embeds, and AI training inputs each honour the latest value.
Art. 21 - object to direct marketing. Effective immediately. Transactional emails (account activity, password resets, invoices) are not affected.
Art. 17 - right to erasure. Starts a 30-day grace window, after which your personal data is permanently removed. Records legally required (UK tax invoices, HMRC retention) are anonymised and kept without personal details. You can cancel the deletion any time within 30 days via the link in your confirmation email.