Data Retention and Disposal Policy
1. Introduction and Purpose
This Data Retention and Disposal Policy outlines the procedures and guidelines for the secure and responsible disposal of data stored, processed, and managed by EliteID (the "Application") within its cloud-based infrastructure. The purpose of this policy is to ensure compliance with relevant data protection regulations (e.g., GDPR, CCPA), minimize data retention risks, protect sensitive information, and maintain data integrity throughout its lifecycle.
2. Scope
This policy applies to all data, in any format (structured, unstructured, electronic, or physical), that is collected, stored, processed, or transmitted by the Application and its associated cloud services. This includes, but is not limited to, customer data, user-generated content, system logs, backups, and metadata. It applies to all employees, contractors, and third parties who have access to or are responsible for managing data within the Application's cloud environment.
3. Definitions
Data: Any information, including personal data, sensitive data, and operational data, collected, stored, or processed by the Application.
Disposal: The permanent removal or destruction of data to render it irrecoverable and inaccessible.
Data Retention Schedule: A documented plan that specifies the period for which different types of data must be kept.
Cloud Provider: The third-party service provider hosting the Application's infrastructure (e.g., AWS, Google Cloud, Azure).
Personal Data: Any information relating to an identified or identifiable natural person.
Sensitive Data: Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a person's sex life or sexual orientation.
4. Policy Principles
Minimization: Data will only be retained for as long as necessary to fulfill the purpose for which it was collected, or as required by law or contractual obligations.
Security: Data disposal will be performed using methods that ensure the data is irrecoverable and protected from unauthorized access or disclosure.
Compliance: Data disposal activities will comply with applicable laws, regulations, industry standards, and contractual agreements.
Accountability: Clear responsibilities for data disposal will be assigned and documented.
Transparency: Where appropriate and legally permissible, data subjects will be informed about data retention periods and disposal practices.
5. Data Classification
Data within the Application will be classified based on its sensitivity, criticality, and regulatory requirements. This classification will inform the appropriate retention periods and disposal methods. Typical classifications may include:
Public Data: Data intended for public consumption, with minimal privacy concerns.
Internal Data: Non-sensitive data used for internal operations.
Confidential Data: Data that, if disclosed, could cause harm to the organization or individuals (e.g., business strategies, non-public financial data).
Personal Data: Data that identifies or can identify an individual.
Sensitive Personal Data: Data requiring the highest level of protection due to its nature (e.g., health records, financial account numbers).
6. Data Retention Schedule
Unless otherwise specified, customer data (both user data and cardholder data) will be retained for a maximum of 30 days after the termination of the EliteID contract. At the customer's request, data deletion may take place before the end of the 30-day period, as soon as it is commercially viable to do so.
7. Disposal Methods
The method of data disposal will depend on the data's classification, the storage medium, and the cloud provider's capabilities. Approved disposal methods include:
Logical Deletion/Purging: For data stored in databases or file systems, this involves overwriting data multiple times or marking it for permanent deletion by the cloud provider's services. This method is suitable for non-sensitive data or when the underlying storage is managed by the cloud provider with certified secure erasure.
Cryptographic Erasure: For encrypted data, the destruction of the encryption keys renders the data unintelligible and effectively unrecoverable. This is often used in conjunction with logical deletion.
Physical Destruction (for hardware): While primarily managed by the cloud provider, for any on-premise components or dedicated hardware, physical destruction (e.g., shredding, degaussing) will be used for storage media containing sensitive data.
Cloud Provider Services: Utilizing the cloud provider's native data destruction services and APIs that are certified to meet industry standards for secure data erasure (e.g., AWS S3 lifecycle policies with permanent deletion).
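The cryptographic erasure method above, and its pairing with logical deletion, can be made concrete. The following is an added example written for this policy page; it is not EliteID's implementation and assumes a model in which each customer's records are encrypted under a per-customer data key held apart from the ciphertext store. The cipher is a standard-library stand-in (HMAC-SHA256 keystream plus an HMAC tag) so that the example runs anywhere; a real deployment would use a vetted AEAD such as AES-GCM and a managed key service. The class and function names (CustomerVault, crypto_erase, purge, unrecoverable) are hypothetical. The disposal record it produces carries the fields the Documentation and Audit section requires: date and time, method, who authorized and performed it, and a confirmation check.

```python
"""Cryptographic erasure of a customer's records, with an audit record.

Assumed model (hypothetical, not EliteID's implementation): each customer's
records are encrypted under a per-customer data key held apart from the
ciphertext. Destroying the key makes every record under it unrecoverable,
including copies that survive in backups, which is why the policy pairs it
with logical deletion of the ciphertext itself.
"""
import hashlib
import hmac
import os
from datetime import datetime, timezone

# Stand-in cipher so the example runs with the standard library only:
# HMAC-SHA256 keystream in counter mode plus an HMAC authentication tag.
# A real deployment would use a vetted AEAD (e.g. AES-GCM) and a key service;
# only the key-destruction property matters for this example.
NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: wrong key or altered ciphertext")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def unrecoverable(blob: bytes) -> bool:
    """True if the blob cannot be opened under a key other than the original.

    An all-zero key stands in for "some key other than the destroyed one";
    the tag check rejects it, so the ciphertext is unintelligible without the
    real key. This is the confirmation step recorded in the disposal log.
    """
    try:
        decrypt(bytes(32), blob)
    except ValueError:
        return True
    return False


class CustomerVault:
    """Ciphertext store plus a separate key store (hypothetical model)."""

    def __init__(self) -> None:
        self._keys: dict[str, bytes] = {}           # customer_id -> data key
        self._records: dict[str, list[bytes]] = {}  # customer_id -> ciphertexts
        self.disposal_log: list[dict] = []

    def store(self, customer_id: str, plaintext: bytes) -> None:
        key = self._keys.setdefault(customer_id, os.urandom(32))
        self._records.setdefault(customer_id, []).append(encrypt(key, plaintext))

    def read_all(self, customer_id: str) -> list[bytes]:
        key = self._keys[customer_id]  # KeyError once the key has been destroyed
        return [decrypt(key, blob) for blob in self._records.get(customer_id, [])]

    def crypto_erase(self, customer_id: str, authorized_by: str, performed_by: str) -> dict:
        """Destroy the customer's data key and write the disposal record."""
        # The key store forgets the key; in practice this is the key service's
        # deletion call. The ciphertext is deliberately left in place here so
        # the confirmation check can show it is now unreadable.
        self._keys.pop(customer_id)
        blobs = self._records.get(customer_id, [])
        record = {
            "disposed_at": datetime.now(timezone.utc).isoformat(),
            "method": "cryptographic erasure",
            "customer_id": customer_id,
            "authorized_by": authorized_by,
            "performed_by": performed_by,
            "confirmed": customer_id not in self._keys and all(map(unrecoverable, blobs)),
        }
        self.disposal_log.append(record)
        return record

    def purge(self, customer_id: str) -> int:
        """Logical deletion of the now-unreadable ciphertext; returns the count removed."""
        return len(self._records.pop(customer_id, []))
```

Usage follows the policy's order: crypto_erase first, which is sufficient on its own to render every copy of the ciphertext unintelligible (including backup copies the application cannot reach), then purge to release the storage. The confirmation field in the returned record is what the audit entry's "confirmation of successful disposal" would be built from.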
8. Disposal Triggers
Data disposal will be triggered by one or more of the following events:
Contract Termination: Upon termination of a contract with a customer, all associated customer data will be disposed of within 30 days, as per contractual agreements.
User Request: Upon a valid request from a data subject to erase their personal data (e.g., "right to be forgotten" under GDPR), unless there is a legal obligation to retain it.
System Decommissioning: When a system, service, or application is decommissioned, all data associated with it will be securely disposed of.
Data Redundancy/Obsolescence: When data becomes redundant, obsolete, or no longer serves a business purpose.
9. Responsibilities
Application Development/Operations Team: Responsible for implementing and executing data disposal procedures, utilizing cloud provider tools, and ensuring the technical feasibility of disposal methods.
Compliance/Legal Team: Responsible for advising on legal and regulatory requirements related to data retention and disposal, and for reviewing the Data Retention Schedule.
Security Team: Responsible for ensuring that data disposal methods meet security standards and that disposal processes are secure.
Cloud Provider: Responsible for the secure erasure of underlying physical storage media as per their service agreements and certifications.
10. Documentation and Audit
All data disposal activities will be documented, including:
The date and time of disposal.
The method of disposal used.
The individual(s) who authorized and performed the disposal.
Confirmation of successful disposal.
Regular audits will be conducted to verify compliance with this policy and the Data Retention Schedule.
11. Policy Review
This policy will be reviewed at least annually, or more frequently if there are significant changes in legal requirements, regulatory guidance, technology, or business operations.
12. Enforcement
Any violation of this policy may result in disciplinary action, up to and including termination of employment or contractual agreements, and may also lead to legal action in cases of severe non-compliance or data breaches.