AutoLit® User Guide
Examining Results in Synthesis
Administrative Tools
Support and FAQs
Best Nest Building Practices
SLR Basics: How to Perform Systematic Review
NMA Basics: How to Perform a Meta-Analysis
Best Practices for Writing a Publishable Manuscript
The document retention policy exists to reduce risks, eliminate waste, and abide by relevant laws by specifying procedures pertaining to the retention, storage and deletion of physical and digital records.
This policy affects all Nested Knowledge employees, contractors, consultants, and business partners.
Digital records include contracts, operating agreements, tax returns, emails, chats, voice messages, invoices, meeting notes, presentations, scanned documents submitted by employees or external sources, and social media posts.
Nested Knowledge does not process any physical documents except for checks and remittance notices. Nested Knowledge processes checks for existing enterprise customers. Checks and remittance notices are to be shredded 90 days after deposit. If document processing activities change, Nested Knowledge will revise this policy based upon the risk of the data contained in the new documents.
Nested Knowledge will keep tax-related records for at least eight years, or until acquired.
Nested Knowledge will keep payroll records for three years, or until acquired.
Ethical Conduct
Nested Knowledge will keep records demonstrating adherence to Ethics Code of Conduct–including compliance with regulations for data protection, cybersecruity, anti-bribery, anti-corruption, intellectual property, and human rights– for seven years.
Nested Knowledge has implemented a 401(k) plan. All documentation will be maintained in accordance with Employee Retirement and Income Security Act (ERISA).
Records related to health insurance are subject to retention rules specified by the Health Insurance Portability and Accountability Act (HIPAA).
Records to employees, such as benefits, time tracking, performance evaluations, or training documents should be stored in an accessible, secure digital location. Records should be kept for three years following the employees termination (or until company is acquired).
According the Uniform Preservation of Business Records Act, documents not covered under any particular statute can be destroyed after three years. Nested Knowledge employees will be encourage to destroy digital documents after three years to preserve storage spaces.
In the event of active or imminent litigation, the above policy will be suspended.
Retention of data shall be performed in compliance with with our Data Classification scheme:
| Data Class | Description | Retention Procedure | Legal Regulations |
| Public Data | Data that may be disclosed to anyone, regardless of their affiliation with Nested Knowledge. | Public data will be reviewed at least annually for relevance and accuracy and may be deleted at will. | No specific retention period is mandated. |
| Internal Company Data | Potentially sensitive information not intended for public sharing. | Internal data shall be retained according the guidance in Part A of this policy. | Internal documents may be subject to requirements from ERISA, HIPAA, and the Internal Revenue Code. |
| Confidential Data | Information that, if made available to unauthorized parties, may adversely affect individuals, partner organizations, or Nested Knowledge. This includes data that falls under “Confidential Data” in the Data Classification Policy. | Confidential data shall be retained for a period of 3 years, or as required by applicable contractual and regulatory requirements, whichever is longer. | |
| Restricted Use Data: Emails, Filesystems, and Support Applications | Information that Nested Knowledge has a contractual, legal, or regulatory obligation to safeguard stringently. This includes Personally Identifiable Information and Unencrypted data used to authenticate or authorize individuals | Restricted use data shall be retained for a period of 3 years, or as required by applicable contractual and regulatory requirements, whichever is longer. | |
| Restricted Use Data: Customer Personal Data | This includes personally identifiable information collected from Nested Knowledge customers. We collect name, email address, and (optionally) organization name from customers. | Personal data are stored in our production database, within a VPC. All communication with the database is encrypted and behind authorization. Upon user action through the application initiating deletion of the user's account, all user data is hard deleted. Database backups, which include customer personal data (names and email addresses), are retained for 60 days. | GDPR data retention rules require personal data that is collected or processed to be kept only for as long as data are required to achieve the purpose for which the information was collected, with the exception of data for scientific research. |
Data records will be retained only as necessary for the performance of services, honoring of a contract, or legal obligations. Data that is no longer needed will be destroyed. As described in the Backup Policy, we permanently delete user data 60 days after account deletion.
Upon voluntary or involuntary termination, confidential data and personal data located on physical devices, such as employee laptops, must be deleted within 48 hours. Terminated Employees keep the computer after the computer has been remotely wiped using our Mobile Device Management platform, Mosyle. Mosyle's erase function acts when the device is on and connected to Wi-Fi. To ensure compliance, we do not grant severance pay until the laptop has been wiped.
Nested Knowledge prohibits the use of removable media and paper for storing confidential or personal data. Employees and contractor may not print out documents contacting clients' confidential information.
This policy will be updated on an annual basis and leadership will regularly oversee this policy to make sure employees are consistently upholding the policy's rules.
Any exceptions to the regulations above must be approved by the CEO, CTO, or COO.
| Author | Date of Revision/Review | Comments |
|---|---|---|
| P. Olaniran | 10/31/2022 | Draft sent for approval. |
| K. Kallmes | 10/31/2022 | Draft approved. |
| K. Cowie | 06/15/2023 | Updated |
| K. Kallmes | 6/15/2023 | Approved. |
