Skip to main content
All CollectionsLegal & security
Data Subject Access Rights
Data Subject Access Rights

This article describes our procedure for handling Data Subject Access Requests under GDPR.

Brian Swift avatar
Written by Brian Swift
Updated over a month ago

At Twine, we're committed to protecting your privacy and ensuring you have control over your personal data. This article explains how you can request access to personal data we hold about you and how we handle such requests.

What is a Data Subject Access Request?

A Data Subject Access Request (DSAR) is a formal request you can make to:

  • Find out if we hold personal data about you

  • Get a copy of your personal data

  • Learn how we use and process your data

  • Understand who we share your data with

  • Request corrections to inaccurate data

  • Request deletion of your data where appropriate

How to submit a request

  1. Send an email to legal@twine.so.

  2. Include "Data Subject Access Request" in the subject line.

  3. Provide your:

    1. Full name

    2. Email address associated with your Twine account

    3. Specific details about what information you're seeking

    4. Preferred format for receiving the information

Identity verification

To protect your privacy, we'll need to verify your identity before processing your request. You'll need to provide:

  • A photo ID (such as passport or driver's license)

  • Proof of address (such as utility bill or bank statement)

If you're making a request on behalf of someone else, you'll also need to provide written authorization from that person.

What to expect

Once your request has been made, the following will occur:

  • We'll acknowledge your request within 3 business days

  • We'll provide a full response within 30 days

  • If we need more time due to complex requests, we'll let you know within the initial 30-day period

Format of the response

Depending on your request, we will provide:

  • A copy of your personal data in a structured, commonly used, machine-readable format

  • Confirmation of any actions taken (such as correction or deletion)

  • Explanation if we cannot fulfill your request

  • Information about how your data is processed

What we cannot provide

We cannot provide:

  • Personal data about other individuals

  • Customer data processed on behalf of our clients

  • Information already available in the public domain

  • Confidential business information or trade secrets

  • Information covered by legal privilege

  • Duplicate data from requests made within the last 12 months

When acting as a data processor

If we process your data on behalf of one of our customers (for example, if you appear in customer call recordings), we'll forward your request to the appropriate data controller (our customer) who will handle your request directly.

No fee

We process DSARs free of charge. However, we may charge a reasonable fee if requests are:

  • Manifestly unfounded

  • Excessive

  • Repetitive within a 12-month period

Questions and support

If you have questions about this process or need help with your request:

Updates to this policy

We may update this policy periodically to reflect changes in our practices or regulatory requirements. Please check back regularly for the latest version.

Related Articles
Master Subscription Agreement
Privacy Policy
User Terms of Service
GDPR Commitment
Did this answer your question?