Data Protection Operations · pdpa-2026-06-public-beta

AdvisorOS Data Protection Operating Notes

This page documents the operating controls expected inside an AdvisorOS workspace.

Collect lessUse minimum lead/client workflow data. Avoid NRIC, residential address and unnecessary sensitive details.
Show lessUse Client Mode snapshots for screen sharing. Snapshots hide internal notes, lead status and admin metrics.
Access lessAdvisors see own records; managers see team records; platform owners administer platform operations.
Keep evidenceUse audit logs for login, account approval, client view, snapshot creation, imports and admin actions.

Data request workflow

  1. Record the request type: access, correction, export, deletion or withdrawal.
  2. Verify requester authority before disclosing or changing data.
  3. Review legitimate retention, compliance, dispute-handling and business needs.
  4. Complete or reject the request with a documented resolution note.

Incident workflow

  1. Contain the issue by revoking affected sessions, access and keys.
  2. Assess affected records, affected persons, likely harm and timeline.
  3. Document evidence, remedial action and follow-up ownership.
  4. Escalate to the configured data-protection contact and follow applicable notification requirements.

Contact

AdvisorOS · AdvisorOS Data Protection Contact · privacy@advisoros.space