Privacy & Compliance
The Privacy & Compliance area lets administrators review, approve, and track every privacy request raised in the workspace — both data exports and account erasures. It is the central place for handling user rights under GDPR (Article 15 — right of access, and Article 17 — right to erasure).
When to use this area
Section titled “When to use this area”Use Privacy & Compliance when:
- A user emails or messages you asking for a copy of their data.
- A user asks to delete their account or be “forgotten” from the platform.
- A coach files a privacy request on behalf of a client and needs your approval.
- You need to demonstrate, during an audit, what privacy requests have been processed and when.
For day-to-day user troubleshooting (resetting passwords, deactivating accounts, changing email addresses), keep using User Management instead — that page handles operational changes, not legal data-rights requests.
Pages in this area
Section titled “Pages in this area”The Privacy & Compliance area is reached from the sidebar and contains three views.
Requests list
Section titled “Requests list”/privacy/requests is the triage view. It lists every privacy request in the workspace, with filters for type (Export or Erasure), status, and the user the request belongs to. Use it to spot work that needs your attention — particularly anything in Awaiting Confirmation.
Each row shows:
- The user the request is for.
- The type of request (Export or Erasure).
- The current status.
- Who filed it (the user themselves, a coach, or an admin).
- When it was filed.
Click any row to open the request detail page.
Request detail
Section titled “Request detail”/privacy/requests/{id} is where you actually act on a request. It shows the full timeline, the requester, the target user, and the available actions for the current status — for example Approve, Cancel, or Download the export bundle.
See Handling data export requests and Handling data erasure requests for step-by-step walkthroughs.
Compliance dashboard
Section titled “Compliance dashboard”/privacy/compliance-dashboard summarises privacy activity across the workspace: total requests by type, average time to completion, requests currently awaiting action, and recently completed work. It is the page to share with auditors or your DPO when they ask “how is the workspace handling data subject requests?”.
Status meanings
Section titled “Status meanings”Every privacy request moves through a fixed set of statuses. Knowing what each one means tells you whether something is waiting on you, the platform, or the user.
| Status | What it means | Who acts next |
|---|---|---|
| Awaiting Confirmation | A coach proposed the request for a client. It will not run until you approve it. | Admin |
| Pending | The request is queued and will start automatically. | Platform |
| In Progress | The platform is preparing the export bundle or running the erasure. | Platform |
| Awaiting Grace Period | An erasure has been approved and is in its 30-day cancellation window. | User (can cancel) |
| Completed | The request has finished successfully. For exports, the download is ready. | None |
| Cancelled | The user, coach, or admin cancelled the request before it ran. | None |
| Failed | The platform could not complete the request. The detail page shows the reason. | Admin |
Finding a request for a specific user
Section titled “Finding a request for a specific user”There are two routes:
- From the Requests list, type the user’s email or name into the search field.
- From User Management, open the user’s profile and click the Privacy tab. You will see every privacy request ever filed for that user, with links into the request detail page.
The Privacy tab on the user profile is the fastest way to answer the question “has this user already asked for an export this month?” before you start a new one.
How requests get created
Section titled “How requests get created”Privacy requests can come from three places:
- The user themselves — through the mobile app or, for coaches and admins, through
/account/privacy. - A coach — for one of their clients, from the Privacy tab on the client detail panel. Coach-filed requests always land as Awaiting Confirmation and need your approval before the platform does anything.
- An admin — directly from this area, on behalf of any user in the workspace.
For the legal context behind why some data is kept after an erasure and why audit logs exist, see Data retention and privacy.