Data Deletion Policy

SOC 2 Criteria: CC6.5

Keywords: Data Retention, Grace Period

Purpose

This policy outlines the requirements and controls/procedures Userflow has implemented to manage the deletion of customer data.

Policy

For Customers

Customer data is retained for as long as the account is in active status. Data enters an “expired” state when the account is voluntarily closed. Expired account data will be retained for 60 days. After this period, Userflow reserves the right to delete the data. This information can not be recovered once it has been permanently deleted. Customers that wish to voluntarily close their account should download their data manually prior to closing their account.

Revision History