Treat request intake as a queue, not an exception
As request volume increases, teams need standardized intake, ownership, due-date tracking, and evidence capture for each decision.
Back to Help Center
Principal rights
Principal rights operating model
A practical view of how access, correction, portability, and deletion requests should be handled operationally once they start arriving at volume.
9 min readSupport, privacy operations, and DPO functions
Build a clear decision path
Every request should have a visible lifecycle from submission through review, response, and export or closure.
Make statuses visible to the principal and the internal operator.
Track who reviewed the request and when.
Retain evidence of completion, especially for exports and corrections.
Avoid silent manual handling
Email-driven or spreadsheet-driven request handling quickly becomes untrustworthy. If an action happened, the platform should be able to show it in the audit trail.