Data Retention Policy
1. Policy Overview
At Admin, we are committed to maintaining the privacy and security of your data. This Data Retention Policy outlines how long we retain different types of data, the reasons for retention, and the procedures for data deletion and archiving.
Our goal is to retain data only for as long as necessary to provide our services, comply with legal obligations, and resolve disputes. When data is no longer required, it is securely destroyed or anonymized in accordance with industry best practices.
Commitment to Data Minimization
We follow the principle of data minimization. We only collect and retain data that is strictly necessary for the provision of our services and legal compliance.
2. Categories of Data
Admin processes and retains several categories of data. Understanding these categories helps clarify how long your information is stored.
- Account Data: Information required to maintain your user account, including username, email, and authentication credentials.
- Transaction Data: Records of billing, subscriptions, and payment processing required for financial compliance.
- User-Generated Content: Data, files, configurations, and workspace items created or uploaded by you.
- Usage & Log Data: Technical logs, access records, and analytics data collected for security and service improvement.
- Communication Data: Support tickets, email correspondence, and chat logs.
3. Retention Schedule
The following table details the specific retention periods for each data category. Retention periods begin from the date the data is created, last updated, or when the account is terminated, whichever is applicable.
| Data Category | Description | Retention Period | Retention Trigger |
|---|---|---|---|
| Account | User profile, credentials, preferences | Account Lifetime + 90 days | Account Deactivation |
| Transaction | Invoices, receipts, payment logs | 7 Years | Transaction Date |
| Content | Uploaded files, workspace data, configs | Account Lifetime | User Managed |
| Backups | Automated system backups | 30 Days | Backup Creation |
| Security | Access logs, audit trails, IP logs | 90 Days | Log Generation |
| Analytics | Usage metrics, performance data | 18 Months | Data Collection |
| Support | Tickets, emails, chat transcripts | 24 Months | Last Activity |
Account Deletion Grace Period
When you request account deletion, your account enters a 90-day grace period. During this time, data is retained but marked for deletion. If you reactivate within this window, your data is restored. After 90 days, data is permanently purged from active systems.
4. Deletion Process
4.1 Automated Purging
Data that has exceeded its retention period is automatically flagged for deletion by our compliance systems. The deletion process occurs in two phases:
- Logical Deletion: Data is immediately removed from active databases and becomes inaccessible to users and administrators.
- Physical Erasure: Within 30 days of logical deletion, data is securely wiped from all storage media, including backups, using industry-standard cryptographic erasure or physical destruction methods.
4.2 Anonymization
Where possible, data that cannot be immediately deleted due to legal or technical constraints is anonymized. Anonymized data cannot be linked back to an individual and is considered non-personal data.
5. Legal Exceptions
Admin may retain data beyond the standard retention periods in the following circumstances:
- Legal Obligations: If required by law, regulation, or government authority.
- Legal Proceedings: If data is required for ongoing or anticipated litigation, arbitration, or dispute resolution.
- Security Investigations: If data is necessary to investigate, prevent, or detect fraud, security breaches, or abuse of services.
- Business Continuity: If immediate deletion would cause significant harm to the stability or security of the platform.
Law Enforcement Requests
We may be compelled to retain data if served with a valid legal request, such as a subpoena or court order. In such cases, we will comply with the request while preserving user privacy to the maximum extent permitted by law.
6. User Rights & Requests
Users have the right to manage their data and request retention adjustments where technically feasible.
- Access: Request a copy of all personal data we hold.
- Correction: Update or correct inaccurate personal data.
- Deletion: Request immediate deletion of personal data, subject to the grace period and legal exceptions.
- Portability: Export your data in a machine-readable format.
- Restriction: Request that we restrict processing of your data under certain conditions.
To exercise these rights, use the tools available in your account settings or contact our Data Protection Officer.
7. Contact Information
If you have questions about this Data Retention Policy, wish to make a request regarding your data, or have concerns about our data practices, please contact our Data Protection team.
Data Protection Officer
For privacy inquiries, retention requests, or legal matters:
✉️ dpo@admin.com