Data Retention Policy
This policy outlines how long we retain your data and when it is automatically deleted to protect your privacy and comply with regulations.
Automatic Deletion
Data automatically deleted per retention schedule
Secure Storage
Encrypted storage with access controls
GDPR Compliant
Right to be forgotten implemented
1. Data Categories & Retention Periods
Account Data
- • User Profile: Retained while account is active
- • Authentication Data: Retained while account is active
- • Account Settings: Retained while account is active
- • Deletion: Permanently deleted within 30 days of account closure
Financial Data
- • Bank Account Information: Retained while account is active
- • Transaction Data: Retained for 2 years for service improvement
- • Subscription Data: Retained for 1 year after detection
- • Access Tokens: Revoked immediately upon disconnection
Analytics & Usage Data
- • Usage Statistics: Anonymized and retained for 3 years
- • Performance Metrics: Aggregated data retained for 5 years
- • Error Logs: Retained for 1 year
- • Personal Identifiers: Removed after 6 months
Communication Data
- • Support Tickets: Retained for 2 years
- • Email Communications: Retained for 1 year
- • Feedback & Reviews: Retained for 3 years
- • Marketing Communications: Retained until opt-out
2. Data Deletion Procedures
Automatic Deletion
- • Scheduled Cleanup: Automated deletion runs daily
- • Retention Checks: Data older than retention period is flagged
- • Secure Deletion: Data is overwritten multiple times before deletion
- • Audit Trail: All deletions are logged for compliance
Manual Deletion
- • Account Closure: User-initiated account deletion
- • Data Export: Users can export data before deletion
- • Immediate Processing: Deletion requests processed within 24 hours
- • Confirmation: Users receive confirmation of data deletion
Legal Holds
- • Litigation Hold: Data may be retained longer for legal proceedings
- • Regulatory Requirements: Some data retained per legal requirements
- • Notification: Users notified if data retention extended
- • Documentation: All legal holds documented and tracked
3. Data Backup & Recovery
Backup Procedures
- • Daily Backups: Encrypted backups created daily
- • Retention: Backups retained for 30 days
- • Geographic Distribution: Backups stored in multiple locations
- • Access Controls: Backup access restricted to authorized personnel
Recovery Procedures
- • Recovery Time: 4-hour recovery time objective
- • Data Integrity: Checksums verify backup integrity
- • Testing: Recovery procedures tested quarterly
- • Documentation: Recovery procedures documented and updated
4. Your Rights
Data Subject Rights
- • Right to Access: Request a copy of your data
- • Right to Rectification: Correct inaccurate data
- • Right to Erasure: Request deletion of your data
- • Right to Portability: Export your data in machine-readable format
- • Right to Restriction: Limit processing of your data
- • Right to Object: Object to processing of your data
How to Exercise Your Rights
- • Account Settings: Manage data through your account dashboard
- • API Endpoints: Use our data export and deletion APIs
- • Support Contact: Email privacy@killsub.com for assistance
- • Response Time: We respond to requests within 30 days
5. Policy Updates
Review Schedule
- • Annual Review: Policy reviewed annually
- • Regulatory Changes: Updated when regulations change
- • Business Changes: Updated when business practices change
- • User Notification: Users notified of material changes
Change Management
- • Version Control: All changes tracked and versioned
- • Approval Process: Changes require legal and technical review
- • Implementation: Changes implemented with proper testing
- • Communication: Changes communicated to all stakeholders
Questions About Data Retention?
If you have questions about our data retention practices or want to exercise your data rights:
For data deletion requests, please include "DATA DELETION REQUEST" in the subject line.