Skip to content
Being Optimal
Trust CenterPrivacyTermsPlans

Legal / Data Subject & Consumer Request Procedure

Data Subject & Consumer Request Procedure

Version 1.0.0-draft · Effective 2026-07-13 · Operator [PENDING: LEGAL_ENTITY_NAME]

Operator draft — not legal advice; counsel review required before relying on this text.

Contents

  1. 1. Who can make a request
  2. 2. Rights menu (by regime)
  3. 3. How to submit a request
  4. 3.1 Privacy inbox (primary for full rights exercise)
  5. 3.2 In-product correction
  6. 3.3 Account deletion (erasure initiation)
  7. 3.4 Support channel
  8. 4. Identity verification
  9. 5. Export & portability (important limitations)
  10. 5.1 In-app / API export (current product)
  11. 5.2 Full portability request
  12. 6. Erasure — how it works and honest caveats
  13. 6.1 Automated deprovision path
  14. 6.2 Community forum — anonymized, not deleted
  15. 6.3 Orphan / lagging tables (known)
  16. 6.4 Soft-delete of custom ingredients
  17. 6.5 External copies we do not fully control
  18. 6.6 Legal hold & mandatory retention
  19. 7. Timelines
  20. 8. Fees
  21. 9. Refusal, partial response, and appeals
  22. 10. Children
  23. 11. Operational contacts
  24. Related documents

Defined terms follow Definitions. Companion policies: Privacy Policy, Automated Decisions, Sub Processor List.


1. Who can make a request

Requester Scope
Account holder Personal Data we process about your Being Optimal account and Environments
Authorized agent Where permitted by law (e.g., CCPA/CPRA), with proof of authorization
Parent/guardian Where applicable for a minor we should not have onboarded — see age section in Privacy Policy

Being Optimal is the Controller for account, health-profile, meal, journal, AI conversation, and related product data (B2C). Named infrastructure vendors are Processors / sub-processors listed in the Sub-processor List.


2. Rights menu (by regime)

We honor rights available under applicable Data Protection Laws. Availability and exact scope depend on your location and the law that applies.

Right Typical regimes How we handle (summary)
Access / know GDPR, UK GDPR, CCPA/CPRA, PDPA, APPs, PDPO Provide categories and, where required, a copy of Personal Data we hold
Rectification / correction Most laws Correct inaccurate account or profile data; many fields are editable in-product
Erasure / deletion GDPR Art. 17, CCPA “delete,” others Account deletion + deprovision path; caveats in §6
Restriction GDPR / UK GDPR Limit processing where legally required
Objection GDPR / UK GDPR Object to processing based on legitimate interests or direct marketing
Portability GDPR / UK GDPR Structured export — full portability via privacy email; partial in-app (see §5)
Opt out of “sale” / “share” CCPA/CPRA We do not sell Personal Data for money; see Privacy Policy for “share” analysis (e.g., limited outbound partner click metrics)
Limit use of sensitive personal information CCPA/CPRA Health/pregnancy data is core to the product; contact [email protected]
Human review of automated decisions GDPR Art. 22 posture Scores and AI outputs are informational, not medical decisions — see Automated Decisions
Withdraw consent GDPR Art. 7 / Art. 9 Stop AI use, disable push, close account; withdrawal does not affect prior lawful processing

If a right is not available in your jurisdiction, we may still honor reasonable requests as a matter of practice.


3. How to submit a request

3.1 Privacy inbox (primary for full rights exercise)

Email [email protected] and include:

  1. The type of request (access, correction, erasure, portability, restriction, objection, CCPA know/delete/opt-out, etc.);
  2. The email address associated with your account (and any prior emails if changed);
  3. Enough detail to locate records (Environment name if relevant);
  4. For agents: proof of authorization and identity of the consumer.

3.2 In-product correction

Many profile, preference, meal, and journal fields can be corrected directly in the signed-in Services without a formal request.

3.3 Account deletion (erasure initiation)

There is no dedicated in-app “delete account” API endpoint for end users. Deletion is initiated as follows:

  1. You delete (or request deletion of) your account via the Authentication Provider account / user management UI.
  2. The Authentication Provider emits a lifecycle event (e.g., user.deleted) delivered to our backend.
  3. Our privileged backend runs deprovision for your site data and best-effort community anonymization (see §6).

If you cannot complete step 1, write to [email protected] and we will assist.

3.4 Support channel

Product questions that are not legal rights requests: [email protected]. We may re-route privacy matters to [email protected].


4. Identity verification

To protect Special Category Health Data and other Personal Data, we verify the requester before disclosing or acting:

Check Practice
Account match Request email and account identifiers must match our records
Authentication Prefer actions from a signed-in session where appropriate
Heightened scrutiny For erasure or bulk access, we may require additional confirmation
Agents Valid authorization + consumer identity verification as required by law
Failure to verify We will not disclose or delete until identity is reasonably verified

We do not request unnecessary government ID where less intrusive verification works.


5. Export & portability (important limitations)

5.1 In-app / API export (current product)

The product export is:

  • Environment-scoped — it exports data for a selected Environment, not necessarily a single “whole account” bundle across all workspaces; and
  • Partial — it is not a complete GDPR-style portability package of everything we process.

In-app export typically does not include (non-exhaustive; subject to product evolution):

Excluded from current export Notes
AI conversation bodies (messages / full chat content) May still exist in database until erasure
Quiz progress / Knowledge Score Educational progress
Notifications / push records Preferences, logs, subscriptions
Share links / share records Collaborative or public share artifacts
ai_runs metadata Model-run metadata (not full prompt/response bodies in that table)
Inactive custom ingredients Soft-deactivated custom foods may be omitted

5.2 Full portability request

For a complete portability / access package, email [email protected]. We will provide what we can reasonably assemble from systems we control, subject to verification and the limits in §6–§8.


6. Erasure — how it works and honest caveats

6.1 Automated deprovision path

When account deletion is confirmed via the Authentication Provider lifecycle event, our privileged backend attempts to:

  1. Remove or cascade primary site data tied to your user (Environments, meals, journal, templates, combos, AI conversations where coded, profile prefs, etc.);
  2. Anonymize (not hard-delete) community forum identity where the Community Platform Provider is enabled — see §6.2;
  3. Return success when the automated job completes its steps.

Caveat: deprovision is automated but not certified as fully atomic. We do not currently issue formal “deletion certificates.” Failures may require manual follow-up via [email protected]. Remediation of known gaps is planned (PREFLIGHT DECISIONS).

6.2 Community forum — anonymized, not deleted

Topic Current practice
Forum posts / uploads Anonymized (display name / email cleared as supported by the platform); content may remain visible in threads
Staff / moderator accounts May be excluded from automated anonymize; handled manually
Best-effort Step may fail silently in edge cases; contact privacy if content remains linked to you

6.3 Orphan / lagging tables (known)

Some operational tables may not yet be fully wiped by automated deprovision and may lag until engineering remediation:

  • Push subscriptions
  • Notification log
  • Notification preferences
  • Quiz progress
  • AI rate-limit hits

Contact [email protected] if you need assistance confirming cleanup of these rows.

6.4 Soft-delete of custom ingredients

Custom ingredients may be soft-deactivated and then removed with Environment cascade rather than immediately hard-deleted in isolation.

6.5 External copies we do not fully control

System Erasure reality
AI Model Providers Prompt/response copies may be retained under the provider’s DPA / retention; we do not currently call provider-side deletion APIs on account erasure
Email Delivery Provider Delivery logs may persist per provider retention
Cloud object storage (e.g., forum uploads) May not be purged on every deprovision path today
Authentication Provider Account identity is deleted/closed under that provider’s process

6.6 Legal hold & mandatory retention

Erasure may be delayed or limited where:

  • Legal hold suspends deletion where required by law applies (litigation, regulatory inquiry);
  • We must retain records for fraud prevention, security, tax, or other legal obligations;
  • Anonymized or aggregated data is no longer Personal Data.

7. Timelines

Framework Target response time
GDPR / UK GDPR Within 1 month of receipt (extendable by up to 2 further months for complex/numerous requests — we will tell you)
CCPA/CPRA Within 45 days (extendable by 45 days with notice)
Singapore PDPA / Australia APPs / Hong Kong PDPO / other APAC Without undue delay and within local statutory limits

We aim to acknowledge requests promptly. The GDPR 30-day window is our operational goal for EU/EEA/UK-style access and erasure where those laws apply.


8. Fees

Requests are free of charge, except where a law permits a reasonable fee for manifestly unfounded, excessive, or repetitive requests. We will explain any fee before charging.


9. Refusal, partial response, and appeals

We may refuse or limit a request where:

  • Identity cannot be verified;
  • Legal hold or mandatory retention applies;
  • Disclosure would adversely affect others’ rights and freedoms;
  • The request is manifestly unfounded or excessive;
  • An exemption under the relevant law applies.

We will explain the basis for refusal or partial fulfillment and your options to:

  1. Reply to [email protected] to appeal or provide more information;
  2. Lodge a complaint with a supervisory authority (see Privacy Policy regional annexes);
  3. Seek judicial remedy where available.

10. Children

The Services are directed at adults (18+, self-attested). We do not knowingly process children’s data as users. If you believe we hold a child’s data, contact [email protected] for prompt deletion.


11. Operational contacts

Need Contact
Privacy rights & DSAR [email protected]
Product support [email protected]
Security incidents [email protected]
Legal notices [email protected]
DPO / privacy lead (if appointed) [PENDING: DPO_CONTACT]

Related documents

  • Privacy Policy
  • Sub Processor List
  • Automated Decisions
  • Records Of Processing
  • Security And Compliance
  • Contact And Legal Notices
  • PREFLIGHT DECISIONS (operator accuracy notes)

Content hash: b424161df46a… · Built 2026-07-15

← Back to Legal hub

© 2026 Being Optimal · Planning context, not medical advice.

Legal hub · Terms · Privacy · Cookies · Medical disclaimer · Contact