Subject Access Request Policy

Effective date: July 07, 2025

Introduction

A key aspect of the General Data Protection Regulations (GDPR) is giving individuals the right to access and, where applicable, amend or delete any information an organisation holds about them. Data protection law is outlined in GDPR. Additional guidance is available from the Information Commissioner’s Office (ICO) at https://ico.org.uk/for-the-public

These notes serve as a guide to completing the Cloud in India Subject Access Request Form, not as legal guidance on Subject Access Requests under GDPR. For further assistance, please contact us at info@cloudinindia.com

Your Rights
Under GDPR, you have the right (subject to certain exemptions) to know whether Cloud in India, as a data controller, holds or processes information about you. You may also request a copy of this information or ask for it to be corrected or deleted.

Cloud in India’s Rights
Where exemptions apply under GDPR, Cloud in India may withhold information. Common exemptions include cases where disclosure could:
Affect the carrying out of regulatory functions;
Prevent or detect crime; or
Prejudice the apprehension or prosecution of offenders.
We are not required to inform you if an exemption has been applied or explain the reason for withholding any information.

Fees
Cloud in India will not charge for Subject Access Requests except where requests are manifestly unfounded or excessive, or when additional copies are requested. Requests requiring a fee will not be processed unless the correct fee is included.

Processing Requests
Requests will be processed promptly, with a response provided within 30 calendar days from the date we receive a fully completed form, proof of identity, and any applicable fee.
For complex or numerous requests, we may extend processing to 60 days. In such cases, Cloud in India will inform you within the initial 30-day period.
Incomplete forms may be returned to ensure accuracy. Requests deemed manifestly unfounded, excessive, or repetitive may be refused, with a written explanation provided, including guidance on your right to complain or take further action.

Section 1 – Your Details
Provide information to help us locate the data you are requesting. Complete this section carefully, as it forms the basis of our search. All correspondence, including requested information, will be sent to the home address provided, unless submitted through a legal representative, in which case documentation and proof of identity are still required.

Section 2 – Proof of Identity
To ensure security, Cloud in India will only provide data once your identity is verified. Acceptable identification must be submitted with your application. Requests without proper proof of identity will not be processed.
Information identifying third parties will only be disclosed with their written consent, submitted alongside their proof of identity.

Section 3 – Help Us Find the Information
To assist our search, provide as much detail as possible, including potential locations of the information if known.

Section 4 – Declaration
Sign and date your application. Unsigned applications cannot be processed. Attempting to access data you are not entitled to may constitute a criminal offence.