Data Retention Policy
Last updated: June 2026 · Version 1.0 (placeholder — to be reviewed by legal counsel before launch)
We keep personal data only for as long as necessary for the purposes for which it was collected, or to meet a legal obligation.
Default retention periods
- Account profile — kept while your account is active, deleted within 30 days of account closure.
- Survey responses — retained indefinitely in anonymised, aggregate form; personal identifiers are removed on account deletion.
- Notifications — 12 months.
- Consent log (gdpr_consents) — 6 years (legal/audit requirement).
- Account deletion requests — 6 years for audit purposes.
- Voucher / redemption records — 7 years (financial record-keeping).
- Referral records — 2 years from creation.
- IP & device logs (fraud) — 12 months.
- Backups — overwritten on a rolling 30-day cycle.
Deletion process
When you request deletion, we acknowledge within 7 days and complete deletion within 30 days, except where law requires us to keep certain records (e.g. financial). Anonymised, aggregated data may be retained as it no longer identifies you.
Backups
Personal data in backups is removed during the next backup rotation cycle following deletion.
This is placeholder text intended for review by qualified legal counsel before public launch.