Data Purge Policy
Last updated: March 2026 · Aligned with GDPR Article 5(1)(e) — Storage Limitation
Summary: We retain personal data only for as long as strictly necessary. Case-specific findings are cryptographically deleted within 48 hours of delivery. Contact data is deleted within 30 days of case closure. You may request immediate deletion of your data at any time.
1. Purpose & Legal Basis
This Data Purge Policy describes how Privacy Insight Solutions manages the retention and deletion of personal data collected in connection with our services and website.
This policy is established in accordance with:
- GDPR Article 5(1)(e) — Storage Limitation: personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
- GDPR Article 17 — Right to Erasure (“Right to be Forgotten”)
- GDPR Article 25 — Data Protection by Design and by Default
- CCPA — California Consumer Privacy Act, Section 1798.105 (Right to Deletion)
Our default posture is to retain data for the shortest period possible while meeting our legal and operational obligations.
2. Scope
This policy applies to all personal data processed by Privacy Insight Solutions, including:
- Data provided by clients during contact or service engagement
- Data collected as part of delivering an audit or investigation service
- Data collected automatically through our website (analytics)
- Data held by any third-party processors acting on our behalf
This policy does not apply to data that has already been anonymized or aggregated in a manner that no longer permits identification of any individual.
3. Retention Schedule
The following table defines the retention period for each category of data we process:
| Data Category | Description | Retention Period | Basis |
|---|---|---|---|
| Case Findings | Audit results, exposure reports, discovered records, investigation notes | 48 hours after delivery to client | Data minimization; client privacy protection |
| Contact Inquiries | Name/alias, email address, message content submitted via contact form or email | 30 days after case closure or last communication | Legitimate interest (responding to inquiries) |
| Client Identifiers | Identifiers provided for audit purposes (known emails, general locations) | Duration of engagement + 48 hours | Contractual necessity |
| Transaction Records | Invoice date, service tier, payment confirmation reference (no card data stored) | 7 years | Legal obligation (financial/tax regulations) |
| Pattern-of-Life Monitoring Data | Publicly visible online activity collected during The Shield’s 30-day monitoring window (with explicit client consent) | Duration of 30-day monitoring engagement + 48 hours after report delivery. Not retained beyond delivery under any circumstance. | Explicit consent (withdrawn automatically upon delivery) |
| Consent Records | Written authorization forms for corporate engagements and Shield monitoring consent | 3 years after engagement end | Legal obligation (demonstrating lawful processing) |
| Website Analytics | Aggregated, anonymized page view data (Plausible Analytics — no personal identifiers) | Rolling 13 months | Legitimate interest (service improvement); no personal data involved |
| Security Logs | Server access logs (IP addresses, request timestamps) | 30 days | Legitimate interest (security monitoring) |
4. Purge Process
When a retention period expires, data is deleted using the following methods depending on the storage medium:
4.1 Digital Files & Documents
- Files are overwritten using a secure deletion method (minimum single-pass overwrite) before deletion
- For highly sensitive case findings, cryptographic erasure is applied where encryption was used during storage
- Deletion is confirmed and logged internally (the log records only that deletion occurred, not the content deleted)
4.2 Email Communications
- Case-related email threads are deleted from all mail clients and servers within the applicable retention window
- We use encrypted email services (ProtonMail) by default; these provide end-to-end encryption and server-side deletion capabilities
4.3 Third-Party Processors
- Where data has been shared with a third-party processor (e.g., a payment processor), we submit deletion requests in accordance with that processor’s data subject rights procedures
- We maintain records of such requests and their outcomes
4.4 Backups
- We do not maintain long-term backups of case-specific personal data
- Any temporary backups created during an engagement are deleted within the same 48-hour window as the primary case data
5. Right to Erasure (GDPR Article 17)
You have the right to request the deletion of your personal data at any time. We will honor erasure requests where one or more of the following conditions apply:
- The data is no longer necessary for the purpose for which it was collected
- You withdraw consent and there is no other legal basis for processing
- You object to processing and there are no overriding legitimate grounds
- The data has been unlawfully processed
- Erasure is required to comply with a legal obligation
We will complete verified erasure requests within 30 days of receipt. Where erasure is not possible (e.g., data subject to a legal retention obligation such as financial records), we will inform you of the specific reason and the earliest date at which deletion can occur.
To submit an erasure request, see Section 9.
6. Third-Party Data Processors
We use a minimal number of third-party services. The following processors may handle personal data on our behalf:
- Netlify Forms (Netlify, Inc.) — Built-in form handler from our hosting provider. Processes contact form and guide request submissions (name, email, message content) and stores them in our Netlify dashboard. No data is sent to third-party form services. See Netlify’s privacy policy.
- Plausible Analytics — Website analytics. Processes only anonymized, aggregated data. No personal identifiers. GDPR compliant. Data retained for 13 months.
- Payment Processors — Handle payment transactions. We do not store card numbers or full payment details. Processors are PCI-DSS compliant and subject to their own retention policies.
- ProtonMail / Tutanota — Encrypted email communication. End-to-end encrypted. Subject to Swiss and EU privacy law respectively.
We do not use advertising networks, social media trackers, or any third-party service that profiles users for commercial purposes.
7. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, in accordance with GDPR Article 33
- Notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms, in accordance with GDPR Article 34
- Document all breaches internally, including those not requiring notification, in accordance with GDPR Article 33(5)
Given our minimal data retention practices, the scope of any potential breach is inherently limited. Case findings are deleted within 48 hours of delivery, significantly reducing the window of exposure.
8. Policy Review
This policy is reviewed at least annually and updated whenever there is a material change to our data processing activities or applicable law. The “Last updated” date at the top of this page reflects the most recent revision.
Clients and website visitors are encouraged to review this policy periodically. Continued use of our services following a material update constitutes acceptance of the revised policy.
9. Contact & Erasure Requests
To submit a data erasure request, exercise any other data subject right, or ask questions about this policy, please contact us:
- Email: privacy@privacyinsightsolutions.com
- Subject line: “Data Erasure Request” or “Data Subject Rights”
Please include sufficient information to verify your identity and identify the data you are requesting be deleted. We will acknowledge your request within 5 business days and complete the erasure within 30 days.
If you are unsatisfied with our response, you have the right to lodge a complaint with your national data protection authority. For EU residents, a list of supervisory authorities is available at edpb.europa.eu.