This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
wiki:policies:document_retention [2023/10/05 17:53] katcow |
wiki:policies:document_retention [2023/12/18 14:19] (current) katcow |
||
---|---|---|---|
Line 11: | Line 11: | ||
Digital records include contracts, operating agreements, tax returns, emails, chats, voice messages, invoices, meeting notes, presentations, | Digital records include contracts, operating agreements, tax returns, emails, chats, voice messages, invoices, meeting notes, presentations, | ||
- | Physical records may include contracts | + | Nested Knowledge does not process any physical documents except for checks |
===== III. Policy ===== | ===== III. Policy ===== | ||
Line 61: | Line 61: | ||
|Restricted Use Data: Customer Personal Data|This includes personally identifiable information collected from Nested Knowledge customers. We collect name, email address, and (optionally) organization name from customers.|Personal data are stored in our production database, within a VPC. All communication with the database is encrypted and behind authorization. **Upon user action through the application initiating deletion of the user's account, all user data is hard deleted.** Database backups, which include customer personal data (names and email addresses), are retained for 60 days.|GDPR data retention rules require personal data that is collected or processed to be kept only for as long as data are required to achieve the purpose for which the information was collected, with the exception of data for scientific research.| | |Restricted Use Data: Customer Personal Data|This includes personally identifiable information collected from Nested Knowledge customers. We collect name, email address, and (optionally) organization name from customers.|Personal data are stored in our production database, within a VPC. All communication with the database is encrypted and behind authorization. **Upon user action through the application initiating deletion of the user's account, all user data is hard deleted.** Database backups, which include customer personal data (names and email addresses), are retained for 60 days.|GDPR data retention rules require personal data that is collected or processed to be kept only for as long as data are required to achieve the purpose for which the information was collected, with the exception of data for scientific research.| | ||
- | ==== Data Destruction | + | ==== Data Destruction ==== |
Data records will be retained only as necessary for the performance of services, honoring of a contract, or legal obligations. Data that is no longer needed will be destroyed. As described in the [[: | Data records will be retained only as necessary for the performance of services, honoring of a contract, or legal obligations. Data that is no longer needed will be destroyed. As described in the [[: | ||
+ | |||
+ | Upon voluntary or involuntary termination, | ||
+ | |||
+ | Nested Knowledge prohibits the use of removable media and paper for storing confidential or personal data. Employees and contractor may not print out documents contacting clients' | ||
==== Communication and Compliance ==== | ==== Communication and Compliance ==== |