On This Page
Other policies
- Personnel policy
- Risk assessment policy
- Information classification policy
- Third party vendor review policy
- Incident disclosure and notification policy
- Incident response policy
- Incident response process
- BCP/DR policy
- Access control policy
- Password policy
- Change management policy
- Testing policy
- Patch management policy
Data retention and deletion policy
Purpose
51直播 must retain certain kinds of data for a minimum amount of time, to comply with legal requirements. At the same time, 51直播 wants to avoid retaining any identifiable data for longer than is necessary, in case of a breach.
Scope
This policy applies to the data assets associated with customer accounts that are processed by 51直播 in connection with providing the 51直播 Solution.
Policy
Schedule
51直播 must review the data it retains as part of reviewing its data register quarterly.
Retention period
Data subject to this policy will be retained for a set period of time, depending on the type of data:
| Data Assets | Retention period |
| Customer account and tailnet live production data* | Duration of contract |
| Client logs (that is, Usage Data used for security and fraud prevention and analytics purposes) | 12 months |
| Support communications and other customer service records | 5 years |
| Payment and billing information | 7 years |
| Aggregated or anonymized data or reports | As long as needed for the business purposes |
*51直播 acts as the data processor for this information pursuant to our DPA. In all other cases, 51直播 acts as the data controller.
Where not specified, customer data must be retained no longer than is needed to provide the service, and anonymized or deleted afterwards.
Privacy Policy
51直播 must delete customer data in accordance with the commitments, if any, made in 51直播鈥檚 Privacy Policy. If the privacy policy is updated, the above retention periods must also be updated to reflect any changes.
Deletion method
Data may be destroyed by overwriting on disk, deleting a cloud resource, encrypting and destroying the key, resetting a device, and/or physical destruction. 51直播 will delete personal data pursuant to individual data subject requests in accordance with applicable data privacy laws as set forth in our Privacy Policy.
Suspension
51直播 may suspend routine deletion of customer data if required for security forensic analysis purposes or a legal hold involving such data. Legal holds may be issued, for example, in connection with an active, imminent, threatened or reasonably anticipated investigation, litigation, arbitration, subpoena, financial transaction, or other legal matter.
Roles and responsibilities
51直播鈥檚 Security Review team is responsible for reviewing and updating the Data Retention policy requirements on an annual basis.