← Back to home

Data Subject Access Request

Last updated: April 29, 2026 — DRAFT pending external counsel sign-off

Use this page to exercise your rights under the India Digital Personal Data Protection Act 2023 (DPDP), the EU/UK GDPR, or applicable US state privacy laws. AimpleAI will acknowledge your request within 7 days and respond substantively within 30 days.

Who may submit

  • An adult Data Principal (≥ 18) on their own behalf.
  • A parent or legal guardian on behalf of a minor.
  • A nominee designated under DPDP §14 (with proof).
  • A registered legal representative with documented authority.

What you may request

Access (DPDP §11 / GDPR Art. 15)

Receive a summary of personal data we hold about you, the purposes of processing, and recipient categories.

Correction (DPDP §12 / GDPR Art. 16)

Request that we correct inaccurate or incomplete personal data.

Erasure / Deletion (DPDP §12 / GDPR Art. 17)

Request deletion of your personal data, subject to legal retention obligations (e.g., audit logs retained 7 years).

Nominate (DPDP §14)

Designate a person to exercise your rights in the event of incapacity or death.

Withdraw consent

Withdraw consent previously given for any consent-based processing (e.g., analytics opt-in, marketing emails).

Required information

To process your request, please include the following in your message:

  • Full legal name
  • Email associated with your AimpleAI account (or the tenant org you accessed via)
  • Tenant organisation name (if you accessed AimpleAI via an enterprise tenant)
  • Government-issued photo ID — last 4 characters of the ID number suffice; redacted file via secure link on request
  • Specific request type (see categories below)
  • Scope of the request (free-text — e.g., "all CRM-upload data containing my email", "all account-level audit log entries 2025-01-01 to 2026-04-29")
  • Preferred response channel (email / postal / secure download link)
  • Self-attestation: "I attest the above is accurate and I am the Data Principal or duly authorised representative."

How to submit

Status (DRAFT): A dedicated DSAR backend portal is on the AimpleAI roadmap (Phase 2). Until that ships, please submit via email — the link below pre-populates the required fields.

Open pre-filled DSAR email →

Sends to privacy@aimpleai.com. Postal address available on request to the Grievance Officer.

Response timeline

StageSLA
AcknowledgementWithin 7 days (target: 3 business days)
Identity verification follow-upWithin 5 business days of acknowledgement
Substantive response / fulfilmentWithin 30 days max
Auto-escalation to Grievance Officer if unresolvedDay 25 internal trigger
Escalation to Data Protection Board of India (Data Principal-driven)Per DPDP §13(3)

Grievance escalation (DPDP §13)

If your request is not resolved to your satisfaction, you may escalate to the AimpleAI Grievance Officer at jaisingh1006@gmail.com. If still unresolved, you have the right to escalate to the Data Protection Board of India.

Note for end-users of AimpleAI tenants

Where AimpleAI processes data on behalf of a tenant (Data Processor role), the tenant is the primary Data Fiduciary for that data and you should generally direct your request to them first. If the tenant fails to respond within 30 days, you may escalate to AimpleAI via the form above and we will route to the appropriate party.