Data retention policy
We retain user data in accordance with local laws and GDPR. Generally this means data is retained until we receive a legal request to remove it. For normal application data this means we remove all records of the user from our systems within the legal limits set by GDPR. Our analytical data is designed to be completely free of PII. The only data we may keep for some time after a removal request, is due to adherence to other data retention regulation, such as in the case of financial records and transaction data which tax authorities require to be kept for a number of years.
Data archiving and removal policy
As stated in the data retention policy above, personal user data is completely removed within the timeframe stipulated by the GDPR (30 days) although usually the process is much quicker, and our support agents usually complete this within a day or two of receiving such a request.
Data storage policy
We store our application data in an AWS datacenter in Northern Virginia. Backups are kept for 30 days, so their existence should not threaten our ability to respect data removal/retention strategies.
Data center location(s)
United States
Data hosting details
We are cloud hosted on AWS.
App/service has sub-processors
no