Privacy & data rights
Jurisdiction-aware data-subject requests for access, deletion, correction, and opt-out.
AxioRank handles data-subject requests (DSRs) for access, deletion, correction, and
opt-out, and computes each one's statutory deadline from the requester's
jurisdiction. Data subjects use the public pages at
/privacy-request and /privacy-choices;
this page is the operator's view of how those requests flow.
Processor vs. controller
When a request concerns Customer Data (an individual who appears in a customer's agent traffic), AxioRank is a processor. Per the DPA, that request is referred to the controller (the customer) to action, rather than handled unilaterally. AxioRank acts directly only for data it controls (account holders).
The DSR lifecycle
- Intake: a request arrives at `POST /api/privacy/requests` (or the public form). It starts `unverified`.
- Verify: a double opt-in email confirms the requester controls the address; clicking through moves it to `verified`.
- Act: an operator runs the export, erasure, or correction; status moves `pending → processing → completed` (or `failed`).
- Appeal: where the jurisdiction mandates it, a resolved request can be appealed at `POST /api/privacy/requests/{id}/appeal`.
Jurisdiction-aware deadlines
The response window (and whether an appeal is mandated) is derived from the
requester's jurisdiction (default `other` when unspecified):
| Jurisdiction | Response | Appeal |
|---|---|---|
| California (CCPA/CPRA) | 45 days | - |
| U.S. state comprehensive | 45 days | required (60 days) |
| EU/EEA (GDPR) | 30 days | - |
| United Kingdom (UK GDPR) | 30 days | - |
| Brazil (LGPD) | 15 days | - |
| Other / unspecified | 30 days | - |
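The lifecycle and the deadline table above, worked through as an added example (not AxioRank's own code): a request object that derives its response deadline and appeal mandate from the jurisdiction, enforces the status transitions, and accepts an appeal only where mandated and only inside the appeal window. The short jurisdiction keys, the `verified → pending` step, and the ISO-date arguments are assumptions.

```python
from datetime import date, timedelta

# Response window (days) and mandated appeal window (days or None) per
# jurisdiction, taken from the deadlines table; the short keys are assumed.
DEADLINES = {
    "california": (45, None), "us_state": (45, 60), "eu": (30, None),
    "uk": (30, None), "brazil": (15, None), "other": (30, None),
}
# Lifecycle transitions (intake -> verify -> act); "verified" -> "pending"
# is assumed to be the point where an operator picks the request up.
TRANSITIONS = {
    "unverified": {"verified"}, "verified": {"pending"},
    "pending": {"processing"}, "processing": {"completed", "failed"},
}

class DataSubjectRequest:
    def __init__(self, kind, jurisdiction=None, filed=None):
        self.kind = kind  # access, delete, correct or opt_out
        # An unknown or unspecified jurisdiction falls back to "other".
        self.jurisdiction = jurisdiction if jurisdiction in DEADLINES else "other"
        self.filed = date.fromisoformat(filed) if filed else date.today()
        self.status = "unverified"
        self.resolved_on = None
        self.appealed = False
    @property
    def response_due(self):
        return self.filed + timedelta(days=DEADLINES[self.jurisdiction][0])

    @property
    def appeal_mandated(self):
        return DEADLINES[self.jurisdiction][1] is not None

    def advance(self, new_status, on=None):
        if new_status not in TRANSITIONS.get(self.status, set()):
            raise ValueError(f"undefined transition {self.status} -> {new_status}")
        self.status = new_status
        if new_status in ("completed", "failed"):
            self.resolved_on = date.fromisoformat(on) if on else date.today()
        return self.status

    def appeal(self, on=None):
        # Accept an appeal only where mandated, only once, and only in the window.
        if not self.appeal_mandated or self.resolved_on is None or self.appealed:
            return False
        when = date.fromisoformat(on) if on else date.today()
        if when > self.resolved_on + timedelta(days=DEADLINES[self.jurisdiction][1]):
            return False
        self.appealed = True
        return True
```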
Endpoints
| Endpoint | Auth | Purpose |
|---|---|---|
| POST /api/privacy/requests | public (rate-limited) | File a DSR (access · delete · correct · opt_out). Returns 202 and never reveals whether data is held. |
| POST /api/privacy/export | account holder / owner | Build a workspace or account export bundle (async). |
| GET /api/privacy/export | account holder | Poll export status / download URL. |
| POST /api/privacy/rectify | account holder | Log a rectification (the change itself is made in account settings). |
| POST /api/privacy/requests/{id}/appeal | requester | Appeal a resolved request. |
These are internal compliance endpoints, not part of the public gateway contract.
Next steps
- Audit integrity: how retention purges keep the audit chain verifiable.
- Gateway API → Audit export: export the underlying records.