Data Rights Policy

This policy defines how rights requests and deletion requests are handled in Life OS.

Supported Request Types

Correct personal data.
Delete personal data where legally possible.

Jurisdiction scope is selected per request (GDPR or CCPA).

Review and Resolution Workflow

Requests are logged with due dates and verification state.
Only platform superadmins can update DSAR status, including extension or denial decisions.
Every admin update is recorded in the Data Operation Ledger for auditability.

Account Deletion

Deletion requests are queued with a cooldown period before execution.
During cooldown, users can cancel the pending deletion request.
When executed, the account is anonymized and direct personal records are removed according to retention policy.