Data Deletion Request

Request Deletion
of Your Personal Data

Under CCPA Section 1798.105, California residents have the right to request that MYGIA delete personal information it has collected about them. This right extends to all US residents we serve.

CCPA Section 1798.105 · 45-day response window (extendable to 90) · Free of charge

This document is available in English and Spanish. The English version is the legally binding version. The Spanish translation is provided for convenience only.

Your Rights Under CCPA Section 1798.105

You have the right to request that MYGIA and our service providers delete personal information collected about you. We will not discriminate against you for exercising this right.

1

Your Right to Delete

Under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), California consumers have the right to request that businesses delete personal information they have collected about them from their records and direct their service providers to do the same.

Although MYGIA is incorporated in Florida and primarily serves US businesses, we honor data deletion requests from all US residents we have collected data about, regardless of their state of residence, as a matter of good practice and ethical data stewardship.

§1798.105

CCPA deletion right

45 days

Standard response window

$0

No charge, ever

2

What We Can Delete

Upon a verified deletion request, MYGIA will delete the following categories of personal information from our active systems and direct our service providers to do the same:

Identity & Contact Information

Name, email address, phone number, WhatsApp number, physical address, and any associated account profile data stored in our CRM or communication platforms.

Conversation History

Chat transcripts, WhatsApp message history stored in our systems, AI agent interaction logs, and any notes or tags generated from those conversations.

Behavioral & Analytics Data

Individual-level browsing behavior, click events, session recordings, funnel stage history, and any other behavioral data linked to your personal identifier.

Account & Authentication Data

Login credentials, session tokens, device identifiers, and IP addresses associated with your account or service interactions.

Marketing & Preference Data

Email subscription lists, SMS/WhatsApp marketing lists, campaign engagement data, and any preference or segmentation data linked to your identity.

3

What We Must Retain (Legal Obligations)

CCPA Section 1798.105(d) provides specific exemptions. MYGIA is not required to delete personal information that it is legally obligated to maintain. The following categories may be retained despite a deletion request.

Tax & Financial Records

Transaction records, invoices, and payment data required for IRS compliance, US tax law, and Florida state tax obligations. Retention period: 7 years from the date of the transaction.

Legal Claims & Disputes

Data necessary to establish, exercise, or defend legal claims, including contractual disputes, chargebacks, fraud investigations, and regulatory proceedings. Retained for the duration of the claim plus applicable statute of limitations.

Security & Fraud Prevention

Security logs, fraud detection records, and data necessary to detect and prevent security incidents, as permitted under CCPA § 1798.105(d)(2). Minimum retention: 12 months.

Regulatory Compliance

Data required to comply with applicable US federal or state law, including FTC regulations, anti-money laundering requirements, and any applicable industry regulations. Retention as required by the specific regulation.

Deletion Request Records

MYGIA retains a minimal record of deletion requests (request date, identifier used, date fulfilled) to demonstrate compliance with CCPA and to honor opt-out preferences. This record does not include the deleted content.

Aggregate & De-identified Data

Statistical reports and aggregate analyses that do not identify you individually are not considered Personal Data and are not subject to deletion requests. Examples: monthly active user counts, conversion rate reports.

4

How to Submit Your Request

You may submit a data deletion request through any of the following channels. All channels are monitored and receive equivalent processing. Choose the one most convenient for you.

Email

Recommended

Send your request to our privacy team. Includes a pre-filled template.

[email protected]

WhatsApp

Fastest Response

Message us directly for same-day acknowledgment during business hours.

+1 (954) 228-3490

Include the following information in your request:

  • Your full name and the email address or phone number associated with your account.
  • Whether you want all personal data deleted or specific categories only.
  • A brief explanation of your relationship with MYGIA (e.g., subscriber, lead, client).
  • If submitting on behalf of another person, documentation of authorized representation.
5

Verification Process

To protect your personal data from unauthorized deletion, MYGIA must verify your identity before processing your request. The verification process is proportional to the sensitivity of the data and the risk of harm from deletion.

1

Request Submission

You submit your deletion request via email or WhatsApp with your identifying information.

2

Identity Verification

We verify your identity by matching the information provided against our records. For standard requests, matching email or phone number is sufficient. For requests involving sensitive data, we may ask for an additional verification step.

3

Confirmation of Receipt

Within 10 business days of receiving your request, we will acknowledge receipt and inform you of the expected completion date.

4

Processing & Deletion

We process your request across our systems and direct our service providers to delete your data. We will provide written confirmation upon completion.

Authorized agents: You may designate an authorized agent to submit a deletion request on your behalf. The agent must provide documentation of their authorization (power of attorney or signed written permission) and you may be required to verify your identity directly with MYGIA.
6

Response Timeline

Within 10 business days — Acknowledgment

MYGIA will confirm receipt of your request and provide information about our verification process and expected completion date.

Within 45 calendar days — Standard Completion

We will complete deletion of your personal data and notify you with written confirmation. This is the standard CCPA response window from the date of receiving a verifiable request.

Up to 90 calendar days — Extended Completion

When reasonably necessary, MYGIA may extend the response period by an additional 45 days (totaling 90 days from the original request date). We will notify you before the end of the initial 45-day period, stating the reason for the extension.

Reasons for extension may include:

  • • High volume of concurrent deletion requests received simultaneously.
  • • Complexity of data spread across multiple third-party sub-processors.
  • • Ongoing legal hold or regulatory investigation requiring data preservation.

Denial of Request

If MYGIA cannot fulfill your deletion request due to a legal exemption, we will notify you within 45 days of the reason(s) for denial and your right to appeal the decision with us and to file a complaint with the California Privacy Protection Agency (CPPA) at cppa.ca.gov.

7

Deletion Confirmation

Upon completing your deletion request, MYGIA will provide written confirmation that includes:

  • The specific categories of personal data that were deleted.
  • The systems and service providers from which the data was removed.
  • Any categories of data that were retained and the legal basis for retention.
  • The date of deletion completion.
Confirmation will be sent to the email address or WhatsApp number used to submit the request. Keep this confirmation as a record of your request. You may request a re-deletion at any time if MYGIA collects new personal information about you in the future.

If you are not satisfied with our response, you may appeal by contacting us at [email protected] with the subject line "Deletion Request Appeal." California residents may also file a complaint with the California Privacy Protection Agency at cppa.ca.gov.

8

WhatsApp-Specific Data

MYGIA uses the WhatsApp Business API (operated by Meta Platforms, Inc.) for conversational automation. This section clarifies the scope of MYGIA's deletion capabilities with respect to WhatsApp data.

Data Under MYGIA's Control (Can Delete)

  • Conversation transcripts stored in MYGIA's internal databases or CRM systems.
  • Contact profiles created from WhatsApp interactions in our automation platform.
  • AI agent-generated notes, tags, and segmentation data derived from WhatsApp conversations.
  • Your WhatsApp number from our active marketing and outreach lists.

Data Under Meta's Control (MYGIA Cannot Delete)

Certain data is controlled by Meta Platforms, Inc. as an independent data controller under their own Privacy Policy. MYGIA has no ability to delete this data on your behalf:

  • Message metadata retained by WhatsApp's infrastructure (message timestamps, delivery receipts, read status).
  • Account information associated with your personal WhatsApp account (managed by your WhatsApp settings).
  • Data retained by Meta for legal compliance, safety, and integrity purposes under WhatsApp's Terms of Service.

To request deletion of Meta-controlled data, visit: whatsapp.com/legal/privacy-policy and use Meta's data deletion request form.

Submit Your Deletion Request

Fill out the form below and we will process your request. Alternatively, use email or WhatsApp (Section 4).

Data Categories to Delete *

Request Submitted

We have received your deletion request and will send you a confirmation email within 10 business days. Reference ID:

This form creates an email draft that will open in your default email client. We do not collect form data via JavaScript — all data goes directly to [email protected].