Usuwanie danych

This Data Deletion Policy describes how deletion requests are handled for AI Smart, including account-level and workspace-level data, integration data, generated media/content, support artifacts, and associated logs.

This policy should be read together with our Privacy Policy and Terms of Service. Where mandatory law imposes different requirements, mandatory law prevails.

Deletion requests may be submitted by:

• The individual account holder for personal account data.
• A workspace owner or authorized administrator for workspace data.
• A verified legal representative acting on behalf of a data subject or business customer.

The preferred deletion workflow is through in-product privacy controls (for example account archive/delete and data export in Settings Privacy, where available for your role).

If in-product controls are unavailable for your role or request type, you can submit a request by contacting: Send a request from your account owner email to legal@webase.global with subject line <span className="text-foreground">Data Deletion Request</span>.

To speed up processing, include: account email, workspace name/ID, request scope (account-only or full workspace), and whether you request deletion, anonymization, or account closure.

Before executing deletion, we verify identity and authority to prevent unauthorized destruction or disclosure of data. We may request additional proof where risk is elevated (for example ownership proof, admin authority, or signed legal authorization).

Supported request types include:

• Account data deletion (single user account profile and related account-level artifacts).
• Workspace data deletion (workspace configuration, members, content, media, automations, integrations, and workspace logs where legally deletable).
• Selective deletion (specific records/categories where technically feasible and lawfully permissible).
• Anonymization/pseudonymization (where hard deletion is not possible due to legal retention constraints).

We aim to acknowledge requests within 72 hours and complete them within 30 days. Complex requests may require additional time where allowed by law; if so, we provide status updates and revised completion estimates.

Subject to legal and technical constraints, deletion may include:

• Account profile data, workspace membership links, and user-level settings.
• Workspace-owned data: uploads, generated media, prompts, campaign drafts, automation artifacts, and associated metadata.
• Integration credentials/tokens and connected account/page/channel records.
• Support artifacts linked to the deleted identity/workspace where legally deletable.

Some records may be retained after deletion requests if required for legal, regulatory, security, or financial obligations. Typical examples:

• Invoice, tax, and accounting records required by statute.
• Security and anti-fraud logs needed for incident response and abuse prevention.
• Legal hold records for pending disputes, claims, or law-enforcement obligations.
• Minimal suppression records to prevent reprocessing of opt-out/deleted identities where required.

Deleted data may continue to exist in encrypted backups for a limited rolling period until overwrite cycles complete. Backup data is not restored into active production except for disaster recovery and remains protected by access controls.

We remove stored integration tokens and local connection metadata within our system scope. For third-party providers (for example social platforms, analytics, or payment tools), you may also need to revoke app access directly in those provider accounts to complete external deletion.

If your account was connected through Meta integrations, Meta-originated deauthorization/deletion flows may trigger cleanup of related tokens and linked records in our systems. This does not automatically delete all unrelated workspace content unless specifically requested.

Deletion of AI-generated outputs and prompt history in our systems is handled according to request scope. Processing by third-party model providers is governed by their own retention and compliance policies, subject to the configuration and contractual framework in use.

For shared workspaces, deleting one member account does not automatically delete all workspace data if other authorized members remain. Full workspace deletion generally requires request/approval by a workspace owner or legally authorized representative.

Deletion requests may interact with subscription and billing records. We may require billing closure steps (for example cancellation and settlement of outstanding charges) before final account/workspace closure. Statutory financial records remain retained as required by law.

Where available, we recommend exporting required business data before requesting full deletion. After deletion is finalized, restoration may be impossible except where backup/legal exceptions apply.

After processing, we provide a completion notice to the request originator (or verified representative). Where needed for compliance workflows, we can provide machine-readable confirmation identifiers.

If a request is rejected or only partially fulfilled, we explain the lawful basis (for example inability to verify identity, conflicting legal obligations, or disproportionate technical burden for selective deletion).

If you disagree with our decision, you may submit an appeal to legal@webase.global. If you are in the EU/EEA/UK, you may also lodge a complaint with your local supervisory authority.

Deletion actions are controlled by role checks, authorization controls, and audit logging to reduce risk of unauthorized or accidental deletion.

We may update this Data Deletion Policy to reflect legal, security, and operational changes. Material updates are communicated through in-product notices and/or email where appropriate.

Data deletion and privacy operations contact: legal@webase.global.