Privacy Request Procedure

Draft only. Requires legal review before publication. This software provides compliance tooling, but does not provide legal advice.

Privacy Request Procedure

Purpose

Tell users how to exercise GDPR and Czech data-protection rights.

Source model

This slot follows mature SaaS and security-software legal-center patterns: Zapier-style customer terms, DPA, subprocessors, security, and data-transfer material; Avast-style license, acceptable-use, privacy, IP, transparency, and accessibility material.

Jurisdiction focus

Prepare this for EU users and Czech-market operation. Complete operator details, Czech consumer wording, cookie consent behavior, GDPR roles, and cross-border transfer safeguards before publication.

Available rights

Access, rectification, erasure, restriction, portability, objection, and withdrawal of consent may apply depending on the processing activity.

How to submit

Use the privacy or support email listed in the Legal Notice. Include account email and enough information to identify the relevant data.

Verification

BAAM AI may ask for information needed to verify identity and protect other users' data.

Response timing

State the expected GDPR response timeframe and extension process after counsel review.

Processor data

If BAAM AI processes data on behalf of a business customer, BAAM AI may refer the requester to that customer or assist the customer under the DPA.

Complaints

EU users may complain to a supervisory authority, including the Czech Office for Personal Data Protection where applicable.

Completion checklist

• Add the final privacy contact.
• Document request intake in internal support workflow.
• Train support admins on controller vs processor handling.