Data Retention Policy
Last Updated: December 2, 2025
Version 1
Compliance
Data Retention Policy
Last Updated: December 3, 2025
Effective Date: December 3, 2025
1. Purpose
This policy defines how long we retain different categories of data and our deletion procedures.
2. Retention Periods by Data Category
Data Category | Retention Period | Justification
---------------|------------------|---------------
Account Information | Duration of account + 2 years | Service delivery, legal compliance
Compliance Documents | 7 years after upload | Regulatory requirements
Audit Trails | 7 years | Legal and compliance obligations
Transaction Records | 7 years | Tax and financial regulations
Support Tickets | 3 years after resolution | Quality assurance
Usage Analytics | 2 years | Platform improvement
Session Logs | 90 days | Security monitoring
Backup Data | 90 days | Disaster recovery
3. Legal Hold Procedures
Data subject to legal proceedings or investigations is preserved until hold is released, regardless of standard retention periods.
4. Data Deletion Methods
Soft Delete: Data marked as deleted, recoverable for 30 days
Hard Delete: Permanent removal from primary systems
Backup Purge: Removed from backups within 90 days
Secure Destruction: Cryptographic erasure for sensitive data
5. Account Termination
Upon account closure:
Active data deleted within 30 days
Compliance records retained per legal requirements
Backups purged within 90 days
Deletion confirmation provided upon request
6. Data Subject Requests
Deletion requests processed within 30 days. Some data may be retained for legal compliance.
7. Archive Procedures
Inactive accounts archived after 12 months of inactivity. Archived data retained per standard periods.
8. Contact
Data retention inquiries: privacy@milenialinc.com