Skip to main content
Under the GDPR — and similar privacy regimes — individuals have the right to access the data an organisation holds about them, and to request its deletion. Sign In provides a dedicated admin tool for answering these requests: User Information, under Administration → Compliance → User Information.

What you can look up

Given an identifier the individual has provided (typically an email address or phone number), User Information returns:
  • All login records tied to that identifier.
  • Associated session data — start, end, device information.
  • Module-specific metadata captured during sign-in (SAML attributes, self-provisioning fields, etc.).
  • Sponsor / host relationships if the individual was sponsored as a visitor.
The result is one consolidated view of everything Sign In knows about that person in this Context.

Responding to a data request

1

Verify the requestor's identity

Before producing data, confirm that the person requesting the data is who they claim to be. This is an Organization policy matter, not a Sign In feature.
2

Search by identifier

Enter the email or phone number in the User Information form.
3

Export

Export the results — typically a CSV or PDF the requestor can receive.
4

If deletion is requested, delete or anonymize

Use the deletion action available from the search result. Deletion removes the records; anonymization keeps the statistical footprint but strips personal identifiers.
5

Record the response

Keep your Organization’s record of how you handled the request, separate from Sign In.

What you cannot delete

Some records must be kept for legal or audit reasons even under a data-subject deletion request:
  • Admin audit logs — records of who in your Organization took which action, retained for internal accountability.
  • Aggregate statistics — post-anonymization counts that no longer identify any individual.
  • Billing-relevant totals if applicable.
Coordinate with your Organization’s Data Protection Officer or legal counsel before processing a deletion request to understand the boundary.

Scope

User Information operates per Sign-In Context. If the individual has data in multiple Contexts (for example, they’ve visited several venues within the same Organization), run the search separately in each Context.

Interaction with retention

Data retention automatically removes records after a configured window. User Information is the on-demand override for situations where a specific individual wants their data gone sooner.

Data retention

The automatic retention window for all guest data.

Terms and conditions

Communicate guests’ privacy rights up front.