Book a Call
Legal · Data Rights

GDPR + Data Rights Center

Your rights under the EU GDPR, UK GDPR, CCPA/CPRA, PIPEDA, and NDPR — and exactly how to exercise them with DmainWeb. One form, all jurisdictions.

Effective: January 1, 2026 Last updated: May 7, 2026 Response time: ≤ 30 days
Quick summary

If you want to access, correct, delete, port, or restrict the personal data we hold about you — or object to specific processing — submit the form below. We respond within 30 days (often faster), at no cost, regardless of which country you're in.

Contents
  1. What is GDPR + global data rights?
  2. Which laws apply to your request
  3. Your rights at a glance
  4. How to submit a request
  5. Submit a data rights request
  6. How we process your request
  7. Data Protection Officer
  8. Data breach notification
  9. Supervisory authorities

1. What is GDPR + global data rights?

The General Data Protection Regulation (GDPR) is the EU law giving individuals strong rights over their personal data. The UK has a parallel UK GDPR. Other countries we operate in have similar laws: CCPA/CPRA in California, VCDPA in Virginia, PIPEDA in Canada, and the NDPR / NDPA 2023 in Nigeria.

DmainWeb applies a unified data rights framework that meets the highest standard required by any of these laws — so you get equivalent protection no matter where you're based.

2. Which laws apply to your request

Where you liveLaw that protects youKey supervisory authority
European Union / EEAEU GDPRYour national DPA (e.g., CNIL, Garante, BfDI)
United KingdomUK GDPR + Data Protection Act 2018ICO (Information Commissioner's Office)
California, USACCPA / CPRACalifornia Privacy Protection Agency
Virginia / Colorado / Connecticut / UtahVCDPA / CPA / CTDPA / UCPAState Attorney General
CanadaPIPEDA (federal) + provincial laws (Quebec Law 25, BC PIPA, etc.)Office of the Privacy Commissioner of Canada
NigeriaNDPR + NDPA 2023Nigeria Data Protection Commission (NDPC)

3. Your rights at a glance

1
Right of Access
Get a copy of all personal data we hold about you, plus information about how we use it.
2
Right to Rectification
Correct inaccurate or incomplete information we hold about you.
3
Right to Erasure
Request deletion of your data ("right to be forgotten"), subject to legal retention requirements.
4
Right to Restrict Processing
Limit how we process your data while a dispute is being resolved.
5
Right to Data Portability
Receive your data in a structured, machine-readable format (JSON or CSV) and transmit it elsewhere.
6
Right to Object
Object to processing based on legitimate interests, including direct marketing.
7
Right to Withdraw Consent
Withdraw consent at any time without affecting prior lawful processing.
8
Rights re: Automated Decisions
Not be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
9
Opt-out of Sale / Sharing
CCPA/CPRA right to direct us not to sell or share your personal information (we don't sell, but you can still formally opt out).
10
Right to Non-Discrimination
We will not deny services, change pricing, or reduce quality of service because you exercised a right.

4. How to submit a request

Three options — pick whichever is convenient. All are processed within 30 days under the same standards.

  1. The form below on this page (recommended — fastest).
  2. Email our privacy team at privacy@dmainweb.online with subject "Data Rights Request" and details of your request.
  3. WhatsApp us at +234 816 6457230 — we'll route the request to our privacy team.

Authorised agents may submit requests on behalf of California consumers (CCPA/CPRA) — provide written authorisation when submitting.

5. Submit a data rights request

Data Rights Request Form

Submit your request below. We will verify your identity (typically by email confirmation) and respond within 30 days.

6. How we process your request

  1. Receipt confirmation — we acknowledge within 3 business days.
  2. Identity verification — we may ask you to confirm via email or provide identifying details to prevent fraudulent requests.
  3. Internal review — our privacy team locates all relevant data across our systems (CRM, email, hosting, analytics).
  4. Response — we provide the requested action or, if we cannot fulfil it (e.g., legal retention requirement), we explain why.
  5. Timeline — within 30 days. May be extended by 60 days for complex requests, with notice to you.
  6. Cost — free for the first request in any 12-month period. We may charge a reasonable fee only if requests are excessive or repetitive.

7. Data Protection Officer

While we are not legally required to appoint a DPO under GDPR (we don't process special category data at scale or conduct large-scale monitoring), we have designated a privacy lead:

  • Privacy Lead: DmainWeb Privacy Team
  • Email: privacy@dmainweb.online
  • Postal: DmainWeb, Lagos, Nigeria (registered office)

8. Data breach notification

If a personal data breach occurs that is likely to result in risk to your rights and freedoms:

  • We notify the relevant supervisory authority within 72 hours of becoming aware (UK GDPR / EU GDPR requirement).
  • If the risk is high, we notify you directly without undue delay via email.
  • For Nigerian residents, we comply with the NDPA 2023 breach notification requirements (notification to NDPC and affected data subjects).
  • For Canadian residents, we comply with PIPEDA mandatory breach reporting.
  • For California residents, we comply with the California breach notification law (Civil Code §1798.82).

9. Supervisory authorities — where to complain

If you believe we have not handled your request properly, you have the right to lodge a complaint:

Privacy questions outside the form?

Email privacy@dmainweb.online directly. We respond within 1 business day, and full data rights responses within 30 days.

👋 Hi, speak with Gloria ×