Privacy Requests

Last updated: March 18, 2026. This page explains how OBAM handles data subject access requests (DSARs) and similar privacy rights requests for people whose personal data is processed through our website or services.

Submit requests to legal@obam.dev. If you are an end user of an OBAM customer, please also contact your organization first because it may be the primary controller for your workspace data.

How to submit a request

  1. Email legal@obam.dev from the address associated with your account or from an address that lets us verify your identity and authority.
  2. State whether your request is for access, export, correction, deletion, restriction, objection, or portability, and identify the organization or workspace involved.
  3. We may ask for additional information to verify identity, clarify scope, or confirm authority when the request is submitted on behalf of a company or another person.
  4. Once verified, we will coordinate the request with the relevant customer account owner where required and respond within the timeline required by applicable law.

What we support

Access and export

On verified request, OBAM can compile account profile data, authentication history, workflow records, communication records, and related metadata that we control, subject to legal and security limitations.

Deletion and suppression

Where deletion is required and permitted, we can delete or de-identify account records and workflow content from the active service, then follow our backup and log retention schedule for residual systems.

Recipient transparency

If your request concerns disclosures of personal data, we can identify the categories of recipients involved and, where applicable, the processors or service providers named on our Subprocessor List.