Data Retention & Deletion Policy

This policy gives effect to the storage-limitation principle in Art. 5(1)(e) GDPR. Data is retained only for as long as necessary for the purposes for which it was collected or as required by law, and is then deleted or anonymised.

1. Retention schedule

• Account and identity data: for the life of the account plus 12 months, then deleted or anonymised.
• Customer repository content, prompts and generated outputs: for the duration of the subscription, plus a wind-down period of 30 days for export, after which data is deleted on customer instruction or 90 days after termination by default.
• Telemetry, audit logs and explainability records: retained for a minimum of 12 months and a maximum of 24 months in active systems, subject to longer retention where required for security, legal hold or regulatory obligation.
• Billing and tax records: 6 years from the relevant transaction, in accordance with Irish revenue and company law requirements.
• Support correspondence: 24 months from closure of the ticket.
• Recruitment data of unsuccessful candidates: 12 months, with consent.
• HR records: for the duration of employment plus 7 years, in line with employment-law limitation periods.
• CCTV and physical security logs: 30 days.

2. Deletion windows and backups

• Active-system deletion is performed within 30 days of trigger event (account closure, deletion request, end of retention period).
• Encrypted backups retaining deleted records are overwritten on the backup rotation schedule, currently 35 days, after which the data is no longer recoverable.
• Audit logs of deletion activity are themselves retained on a separate, shorter schedule sufficient to evidence compliance.

3. Legal holds

Records under legal hold (ongoing or reasonably anticipated litigation, regulatory investigation, or law-enforcement preservation request) are exempt from scheduled deletion for the duration of the hold and are removed promptly when the hold is lifted.

4. Anonymisation

Where Prodia retains data beyond a personal-data retention period for legitimate statistical, security or product-improvement purposes, the data is anonymised in accordance with Article 29 Working Party Opinion 05/2014 and is no longer personal data within the meaning of the GDPR.

5. Right of erasure

Data subjects may request erasure under Art. 17 GDPR by writing to privacy@prodia.dev. Where Prodia acts as processor, requests are forwarded to the relevant customer controller and actioned in accordance with the Data Processing Addendum.

6. Customer-initiated deletion

Customers may delete content directly through the platform at any time. Bulk export is available throughout the subscription and during the wind-down period.