← All policies
Data Retention Policy
How long we keep data, and when we delete it.
Last updated: June 29, 2026Version 0.1 (Draft)
Draft - not yet in force. This is version 0.1, pending review by qualified legal counsel. Some details shown in brackets are placeholders to be finalised before launch. It is provided for planning and is not legal advice.
1. Purpose
This policy describes how long Chatonics retains data and how it is deleted, balancing service needs, customer expectations, and legal obligations.
2. Principles
- Keep data only as long as needed for the purpose it was collected.
- Delete or anonymize when no longer needed, subject to legal requirements.
- Customers control their workspace data and can request export or deletion.
3. Retention schedule (proposed)
| Data type | Retention | Notes |
|---|---|---|
| Active workspace data | While the account is active | Conversations, tickets, contacts |
| Closed account data | [grace period], then deleted | Subject to legal holds |
| Backups | [retention window] | Rotated and overwritten |
| Logs (operational) | [short window] | For debugging and security |
| Audit logs | [longer window] | For accountability |
| Billing records (future) | As required by law | When payments launch |
Periods shown as placeholders to confirm with counsel.
4. Deletion
- On account closure, data is deleted or returned per the Privacy Policy and DPA.
- Deletion propagates to backups within the normal backup rotation window.
- Some data may be retained where required by law (for example, tax or legal holds).
5. Customer requests
- Customers can request export of their data before closing an account.
- Data-subject deletion requests are handled per the Privacy Policy.
6. Review
This policy is reviewed periodically and updated as the product, law, and infrastructure evolve.