Data Deletion
Request deletion of your personal data from UMAP360. We respect your right to control your data under DPDPA 2023, GDPR, and CCPA.
About This Page
Effective: April 2026
This page serves as the official data deletion instruction URL for UMAP360. It is registered with the Meta Business Platform as our data deletion callback page and provides a unified deletion request process for all users.
Through this page, you can exercise your data deletion rights under:
- DPDPA 2023 — Right to correction and erasure under India’s Digital Personal Data Protection Act
- GDPR — Right to erasure (“right to be forgotten”) under the EU General Data Protection Regulation
- CCPA — Right to delete personal information under the California Consumer Privacy Act
UMAP360 is operated by UMAP360 Private Limited (CIN: U62020AP2026PTC124230), registered at D.No: 4-135/5, Flat No:504 Sri Shanmukha, Gollapudi, Krishna, Krishna-521225, Andhra Pradesh, India.
Who Can Request Deletion
A. UMAP360 Dashboard Users (B2B Customers)
You can request deletion of your own account and all associated organization data. You may also request deletion of specific data categories (for example, ad connector data only) without deleting your full account.
B. End Users of UMAP360 Customers
UMAP360 acts as a data processor for behavioral data collected via the SDK. If your data was collected by a UMAP360 customer, you should first contact that customer (the data controller) directly. The UMAP360 customer can then instruct us to delete your data through their dashboard or API.
If you cannot reach the UMAP360 customer who collected your data, contact us at contact@umap360.com and we will assist.
C. Meta/Facebook Users
If you authorized UMAP360 through Facebook Login or connected your Meta Ads account, you can request deletion of all Meta-sourced data. UMAP360 supports Meta’s data deletion callback protocol. You can also revoke access through Facebook > Settings & Privacy > Settings > Security and Login > Business Integrations.
D. Google Users
If you connected your Google Ads account via OAuth, you can request deletion of all Google-sourced data. You can also revoke access through Google Account > Security > Third-party apps with account access, or through your UMAP360 dashboard settings.
What Data Gets Deleted
When we process a deletion request, the following data is removed:
- Account information (name, email, password hash, profile settings)
- Organization data (if you are the sole owner/member)
- SDK behavioral event data associated with your account/organization
- Ad connector configurations and OAuth tokens (Google Ads, Meta Ads)
- Campaign metrics and conversion data synced from ad platforms
- Audience segments and membership data
- Consent records
- Email delivery logs associated with your account
What Data is NOT Deleted
Certain data must be retained under applicable law:
Billing and Payment Records
Retained for 8 years as required by India’s GST Act for tax compliance.
Legal Compliance Data
Data required for compliance with legal obligations, defense of legal claims, or regulatory requirements.
Aggregated/Anonymized Data
Data that has been aggregated or anonymized such that it can no longer identify any individual may be retained indefinitely.
Data in Backups
Backups operate on a 30-day rolling window. Your data will be purged from all backups within 30 days of the deletion being processed.
Audit Logs
Minimal audit logs of the deletion request itself are retained for compliance verification.
Third-Party Systems
We will forward deletion requests to our sub-processors (see our Privacy Policy). Each sub-processor processes deletions per their own retention schedules.
Soft Deletion & Permanent Purge
UMAP360 uses a soft deletion approach to protect against accidental data loss:
1. Immediate Effect
Upon processing your deletion request, your data is immediately made inaccessible. It will no longer appear in any dashboard, report, API response, or export.
2. 90-Day Grace Period
Soft-deleted data is retained in an inaccessible state for 90 days. During this period, you may contact us to reverse the deletion if it was made in error.
3. Permanent Purge
After the 90-day grace period, all soft-deleted data is permanently and irreversibly purged from our systems.
4. Backup Purge
Data in database backups is purged within 30 days of the permanent purge, as backups rotate on a 30-day cycle.
This approach balances your right to erasure with protection against accidental or unauthorized deletion requests.
Account Deletion vs. Data Deletion
We distinguish between two types of requests:
Account Deletion
Your entire UMAP360 account is closed. All associated data (personal info, organization data, connected platforms, event data) is soft-deleted. This action is irreversible after the 90-day grace period. If you are the sole owner of an organization, the organization and all its data will also be deleted.
Selective Data Deletion
Specific categories of data are removed while your account remains active. For example, you may request deletion of all Google Ads data while keeping your account and Meta Ads data intact. Available categories:
- Ad connector data (Google, Meta, or both)
- SDK behavioral event data
- Audience segments
- Campaign data
Deletion Process & Timeline
Step 1 — Submit Your Request
Use the form below, or email contact@umap360.com with the subject “Data Deletion Request”.
Step 2 — Identity Verification
We will verify your identity to protect against unauthorized deletion requests. You may be asked to confirm your request from the email address associated with your account.
Step 3 — Acknowledgment
You will receive an acknowledgment email within 3 business days confirming receipt of your request, along with a unique confirmation code for tracking.
Step 4 — Processing
Your deletion request will be processed within:
- DPDPA: 30 days of receipt
- GDPR: 1 month of receipt (extendable by 2 months for complex requests, with notification)
- CCPA: 45 days of receipt (extendable by 45 days, with notification)
- Meta callback: initiated immediately upon receiving the signed request
Step 5 — Confirmation
You will receive a confirmation email once the deletion has been processed, confirming which data categories were deleted.
Step 6 — Sub-Processor Propagation
Deletion requests are forwarded to relevant sub-processors. Full propagation across all systems may take up to an additional 30 days.
Meta Data Deletion (Facebook)
If you authorized UMAP360 via Facebook Login or connected a Meta Ads account:
- UMAP360 is registered with Meta as a data deletion callback provider
- When you remove UMAP360 from your Facebook Business Integrations, Meta sends us an automated deletion request
- We process this request by soft-deleting all Meta-sourced data associated with your Facebook user ID
- You will receive a confirmation code and a URL to check the status of your deletion
To manually request deletion of Meta data, use the form below or email contact@umap360.com.
To Remove UMAP360 from Facebook
- Go to Facebook > Settings & Privacy > Settings
- Navigate to Security and Login > Business Integrations
- Find UMAP360 and click Remove
Google Data Deletion
If you connected your Google Ads account via OAuth:
- You can disconnect Google Ads from UMAP360 at any time through your dashboard settings
- Upon disconnection, your Google OAuth tokens are immediately revoked and deleted
- All Google Ads data (campaign metrics, conversion data, audience segments) is soft-deleted and becomes inaccessible within 24 hours
- Permanent purge occurs after 90 days
To Revoke UMAP360’s Access from Google
- Go to Google Account (myaccount.google.com) > Security
- Under “Third-party apps with account access”, find UMAP360
- Click Remove Access
End-User Data Deletion (Processor Role)
UMAP360 collects behavioral data (page views, clicks, events) on behalf of our customers via the UMAP360 SDK. For this data:
- UMAP360 acts as a data processor, not a data controller
- The UMAP360 customer who installed the SDK is the data controller
- End users should first contact the UMAP360 customer directly to request deletion
- The UMAP360 customer can delete end-user data through their dashboard (Tools > Consent Manager) or via the UMAP360 API
- UMAP360 will process the deletion within 30 days of receiving the instruction from the data controller
If you cannot identify or reach the data controller, contact us at contact@umap360.com and we will make reasonable efforts to assist.
Deletion Request Form
Complete the form below to submit a data deletion request. All fields marked with * are required.
Data Protection Officer
Our Data Protection Officer and Grievance Officer (as required under DPDPA 2023) is:
For questions about this page, your deletion request, or any privacy concern, please contact our DPO. We aim to respond to all inquiries within 3 business days.
Need Help?
If you have questions about data deletion or need assistance with your request, our Data Protection Officer is here to help.