Data Retention & Deletion Policy
Effective Date: January 1, 2025
1. Purpose
This Data Retention & Deletion Policy explains how long Summit Digital Innovations retains customer data, the legal and business reasons for retention, and our procedures for secure data deletion.
2. Scope
This policy applies to all data collected, processed, and stored by Summit Digital Innovations, including:
- Customer account information
- Financial and accounting records
- Transaction data (invoices, bills, payments)
- User activity and audit logs
- System backups
- Communication records
3. Retention Periods by Data Type
3.1 Active Account Data
Retention Period: Duration of active subscription + 90 days
Data Types:
- User profiles and account settings
- Company profiles and configurations
- Current financial records
- Active invoices, bills, and transactions
Rationale: Required to provide the Service. 90-day grace period allows for subscription renewals and account recovery.
3.2 Financial Records (Historical)
Retention Period: 7 years from transaction date
Data Types:
- Historical invoices and sales receipts
- Bill payments and vendor transactions
- Journal entries and general ledger records
- Bank reconciliations
- Tax-related documents (1099s, etc.)
- Chart of accounts and account balances
Rationale: The IRS requires businesses to retain financial records for 7 years for tax audit purposes (IRC § 6001). This applies even after account closure.
Exception: If you request deletion under GDPR or CCPA, we will evaluate whether legal retention requirements apply and document the basis for continued retention if applicable.
3.3 Audit Logs
Retention Period: 1 year
Data Types:
- User authentication events (logins, logouts, MFA)
- Financial record changes (create, update, delete, void)
- Permission changes and role assignments
- Security events (failed logins, suspicious activity)
- API access logs
Rationale: Security monitoring, fraud detection, and compliance investigations. Balances security needs with privacy considerations.
See our Audit Log Retention Policy for complete details.
3.4 System Backups
Retention Period: 90 days
Data Types:
- Full database snapshots
- Incremental backups
- Disaster recovery archives
Rationale: Disaster recovery and data restoration. Automated purge after 90 days prevents indefinite backup retention.
See our Backup Retention Policy for complete details.
3.5 Customer Support Communications
Retention Period: 3 years
Data Types:
- Support tickets and email correspondence
- Chat transcripts
- Phone call records (metadata only, no recordings)
Rationale: Service quality improvement, dispute resolution, and historical context for recurring issues.
3.6 Marketing and Communication Preferences
Retention Period: Duration of active subscription + 2 years
Data Types:
- Email subscription preferences
- Opt-out records
- Communication history
Rationale: Honor opt-out requests and maintain suppression lists to prevent unwanted communications.
3.7 Authentication Credentials
Retention Period: Duration of active account + 30 days
Data Types:
- Password hashes (never plaintext)
- MFA device registrations
- Session tokens (expire after 24 hours of inactivity)
Rationale: Account security. 30-day grace period allows account recovery after accidental closure.
3.8 Deleted/Voided Records
Retention Period: Same as original record type (see 3.2)
Handling:
- Financial records are never hard-deleted; they are marked as "voided" or "deleted"
- Deletion is recorded in audit logs with timestamp, user, and reason
- Voided records remain visible in reports with "VOID" watermark
Rationale: Audit trail integrity and compliance with financial recordkeeping standards.
4. Data Deletion Procedures
4.1 Automated Deletion
When retention periods expire, we use automated processes to securely delete data:
- Database Records: Rows are permanently deleted (PostgreSQL DELETE) and vacuum operations reclaim space
- File Storage: S3 objects are deleted via lifecycle policies
- Backups: Expired backups are automatically purged after 90 days
- Audit Logs: Archived to cold storage after 90 days, purged after 1 year
4.2 User-Requested Deletion
You can request account and data deletion by contacting privacy@summit-di.com. We will:
- Verify Your Identity: Confirm your identity before processing deletion requests
- Review Legal Obligations: Determine if any data must be retained for compliance (see 3.2)
- Delete Eligible Data: Within 30 days, delete all data not subject to legal retention
- Provide Confirmation: Send written confirmation of deletion completion
- Document Retention: If some data must be retained, we'll explain what, why, and for how long
4.3 Deletion Timeline After Account Closure
When you close your account or your subscription ends:
- Day 0: Account marked as closed; access disabled
- Days 1-30: Account data retained for recovery (in case of accidental closure)
- Day 31: Account data deleted, except financial records
- Day 90: Removed from all active backups (new backups no longer include your data)
- Day 365: Audit logs purged
- Year 7: Financial records purged (after IRS retention period expires)
4.4 Secure Deletion Methods
We use industry-standard secure deletion methods:
- Database: PostgreSQL DELETE with VACUUM to reclaim space
- File Storage: AWS S3 lifecycle policies with permanent deletion (no soft delete after expiration)
- Backups: Backup files overwritten and deleted; not retained in archived backup sets
- Encryption Keys: Deleted when no longer needed, rendering encrypted data unrecoverable
5. Legal and Regulatory Basis for Retention
5.1 IRS Requirements (United States)
Internal Revenue Code § 6001 requires businesses to keep financial records for at least 3 years from the tax filing date, but the IRS recommends 7 years for most records. We retain financial data for 7 years to provide adequate protection for tax audits.
5.2 GDPR (European Union)
Under GDPR Article 17 (Right to Erasure), EU users can request data deletion. However, GDPR allows retention when necessary for:
- Compliance with legal obligations (Article 17(3)(b))
- Establishment, exercise, or defense of legal claims (Article 17(3)(e))
If you request deletion under GDPR, we will document the legal basis for any data we continue to retain.
5.3 CCPA (California, USA)
California residents have the right to request deletion under CCPA § 1798.105. Exceptions apply for:
- Completing transactions for which the data was collected
- Complying with legal obligations (e.g., IRS recordkeeping)
- Internal uses reasonably aligned with customer expectations
5.4 GLBA (Financial Services, USA)
The Gramm-Leach-Bliley Act requires financial institutions to protect customer financial information. Our retention practices align with GLBA security and recordkeeping requirements.
6. Data Minimization
We collect and retain only the data necessary to provide our Service:
- Collection: We do not collect data we don't need
- Retention: We delete data when retention periods expire
- Access: We limit internal access to data based on job role (see our Security Policy)
7. Data Export Before Deletion
Before deleting your account, we recommend exporting your data:
- Financial Reports: Download PDF copies of Profit & Loss, Balance Sheet, and General Ledger
- Transaction History: Export CSV files of invoices, bills, payments
- Customer/Vendor Lists: Export contact lists
- Attachments: Download all uploaded documents (invoices, receipts)
Contact support@summit-di.com for assistance with data export.
8. Third-Party Data Processors
Our data retention policy applies to data we control. Third-party processors have their own retention policies:
- Stripe: Retains payment data per PCI DSS requirements and Stripe's retention policy
- Plaid: Retains bank connection metadata per Plaid's retention policy
- Twilio: Retains SMS logs per Twilio's retention policy
We do not control third-party retention periods but select vendors with privacy-conscious practices.
9. Changes to This Policy
We may update this policy to reflect changes in legal requirements or business practices. Material changes will be communicated via:
- Email notification to active account holders
- In-app notice upon next login
- Updated effective date on this page
10. Contact Us
For questions about data retention or to request deletion:
Summit Digital Innovations
Email: privacy@summit-di.com
Data Deletion Requests: privacy@summit-di.com
Support: support@summit-di.com