Data Retention Policy
Last updated: October 6, 2024
This Data Retention Policy describes how Vedmorascu ("we," "us," or "our") collects, retains, and disposes of personal and operational data gathered through the use of our platform and services available at vedmorascu.biz. By using our services, you acknowledge the practices described in this policy.
1. Purpose
We retain data only for as long as necessary to fulfill the purposes for which it was collected, to provide our services, to comply with applicable legal and regulatory obligations, to resolve disputes, and to enforce our agreements. Once data is no longer required for these purposes, it is securely deleted or anonymized in accordance with this policy.
2. Scope
This policy applies to all personal data and non-personal operational data processed by Vedmorascu, including data provided by users, data generated through use of the platform, and data obtained from third-party integrations. It applies to all employees, contractors, and service providers who handle data on our behalf.
3. Categories of Data and Retention Periods
Different categories of data are retained for different periods based on their purpose and sensitivity. The following table outlines our standard retention schedules.
| Data Category | Examples | Retention Period |
|---|---|---|
| Account Information | Name, email address, password hash, registration date | Duration of account, plus 2 years after closure |
| Course and Learning Data | Enrolled courses, progress, completion records, certificates | Duration of account, plus 3 years after closure |
| Payment and Billing Records | Transaction history, invoices, billing address | 7 years from transaction date |
| Communication Records | Support tickets, email correspondence | 3 years from last interaction |
| Usage and Log Data | IP addresses, session logs, access timestamps | 12 months |
| Marketing Preferences | Subscription status, consent records | Until withdrawn, plus 2 years |
| Cookies and Tracking Data | Session cookies, analytics identifiers | Up to 13 months |
| Aggregated Analytics | Anonymized usage statistics | Indefinite (no personal identifiers retained) |
Retention periods may be extended where required by law, ongoing legal proceedings, or legitimate business necessity. In such cases, access to retained data is restricted to authorized personnel only.
4. Data Collection Basis
4.1 User-Provided Data
Data that you actively provide when creating an account, enrolling in courses, making purchases, or contacting our support team is retained for the periods described above. This data is used to deliver our services, process transactions, and respond to inquiries.
4.2 Automatically Collected Data
Technical data collected automatically when you interact with our platform, such as log files, device identifiers, and session activity, is retained for shorter durations. This data supports security monitoring, platform performance, and service improvement.
4.3 Third-Party Data
Where data is received through third-party integrations, such as authentication providers or payment processors, retention is governed both by this policy and the terms agreed with those providers. We do not retain third-party payment card data on our own systems.
5. Data Deletion and Anonymization
5.1 Scheduled Deletion
Data that has reached the end of its applicable retention period is permanently deleted or irreversibly anonymized on a scheduled basis. Deletion processes are automated where technically feasible and audited periodically to verify compliance.
5.2 Account Closure
When an account is closed, personal data associated with that account enters a retention hold for the applicable post-closure period before being deleted. During this hold, data remains inaccessible to the user but may be used to fulfill outstanding legal or contractual obligations.
5.3 User-Requested Deletion
Users may request deletion of their personal data by contacting us at [email protected]. We will process verified deletion requests within a reasonable timeframe. Certain data may be retained beyond the requested deletion date where legal obligations require it, and we will communicate any such exceptions at the time of processing your request.
5.4 Anonymization
In some cases, rather than deleting data, we may anonymize it so that it can no longer be associated with any individual. Anonymized data may be retained indefinitely for analytical and research purposes and is not subject to this policy once anonymization is complete.
6. Data Storage and Security During Retention
All retained data is stored using industry-standard security measures, including encryption at rest and in transit, access controls, and regular security assessments. Access to retained personal data is limited to personnel with a documented need to process it. We review and update our security practices on an ongoing basis.
Backup copies of data may be retained for a short additional period beyond the primary retention schedule solely for disaster recovery purposes. These backups are subject to the same access controls and security standards as primary data stores.
7. Third-Party Service Providers
We may engage third-party processors to assist in delivering our services. These processors are contractually required to retain data only for as long as necessary to perform their designated functions and to comply with data protection standards consistent with this policy. We conduct periodic reviews of processor compliance.
8. Legal Holds
In the event of actual or anticipated litigation, regulatory investigation, or other legal proceedings, normal retention and deletion schedules may be suspended for affected data. A legal hold will be applied to relevant data categories until the matter is resolved, at which point standard retention schedules resume.
9. Your Rights Regarding Retained Data
Subject to applicable law, you may have rights with respect to your personal data that we hold, including the right to access, correct, port, restrict processing of, or request deletion of your data. To exercise any of these rights, please contact us using the details below. We will respond to verified requests within a reasonable timeframe and explain any limitations that apply.
10. Policy Reviews and Updates
This policy is reviewed at least annually and updated as necessary to reflect changes in our data practices, applicable law, or business operations. The date at the top of this document indicates when the policy was last revised. Continued use of our services following any update constitutes acceptance of the revised policy. For material changes, we will provide notice through the platform or by email prior to the changes taking effect.
11. Contact Information
If you have questions about this Data Retention Policy or wish to exercise your data rights, please contact us:
- Email: [email protected]
- Phone: +1 604 540 8328
- Mailing address: 25 Campbell St, Belleville, ON K8N 1S6, Canada