Data Requests

Version 1.0 · Effective date: October 15, 2025

Personal Data Requests

Seacrets is committed to respecting your rights to access, review, and control your personal data. This document explains the types of requests Seacrets accepts, how to submit them, and our processing timeline.

Types of Requests

Seacrets processes the following types of personal data requests:

  • Access Requests — obtain a copy of your personal data
  • Data Portability Requests — receive your data in a structured, machine-readable format
  • Deletion Requests — request removal of your personal data
  • Correction Requests — update inaccurate or incomplete information
  • Processing Restriction Requests — limit how your data is processed

How to Submit a Request

You may submit a personal data request via:

To facilitate processing, please provide the following information:

  • Your email address or account identifier
  • Type of request (access, deletion, correction, etc.)
  • Scope of request (specific data categories or all data)
  • Identity verification information (may include government ID, proof of residence, etc.)

Identity Verification Process

To protect your privacy and security, Seacrets verifies your identity before processing your request. The verification process may require:

  • Confirmation of your email address and account details
  • Government-issued identification (e.g., passport, driver's license)
  • Proof of residence (for certain requests)
  • Additional verification if your identity cannot be reasonably ascertained

Processing Flow

Seacrets processes personal data requests according to the following steps:

  • Request Receipt — Seacrets confirms receipt of your request within five (5) business days
  • Identity Verification — We verify your identity according to applicable legal standards
  • Data Identification and Compilation — We locate all personal data related to your request
  • Response Delivery — We provide your data or confirmation of action taken

Processing Timelines

Seacrets will respond to your request within the following timeframes, depending on your jurisdiction and applicable laws:

  • GDPR (EU/EEA): Thirty (30) calendar days from receipt, extendable by sixty (60) days for complex requests
  • CCPA/CPRA (California): Forty-five (45) calendar days from receipt, with one forty-five (45) day extension possible

We will notify you of any extension and the reason for it.

Limitations on Requests

Certain limitations may apply to your data requests:

  • Legal Retention Obligations — Data subject to mandatory legal retention periods cannot be deleted
  • Legal Defense — Data required for legal proceedings or defense of legal claims may be retained
  • Anonymized or Aggregated Data — De-identified data that cannot be linked to you is not subject to these rights
  • Third-Party Data — Personal information concerning third parties cannot be disclosed without their consent

Contact Information

For questions about your personal data or to submit a request, contact our Data Protection Officer at [email protected].