Data Retention Policy

Last Updated: July 27, 2025

1. Purpose

This policy outlines how Qualtiva retains and deletes customer data across its cloud subscription services, including analytiQa and integrated systems. It ensures privacy, transparency, and compliance while promoting responsible resource usage.

2. Scope

Applies to all customer-generated and system-derived data stored, processed, or transmitted by Qualtiva during and after the subscription period. Coverage includes:

  1. For analytiQa platform: Insights data, diagnostic events, dashboard visualizations and metrics
  2. Email, access credentials, and contact form data
  3. API usage statistics and project metadata

3. Fair-Use Data Storage

To maintain performance and equitable service delivery, each customer is subject to a 10GB fair-use data cap across their dedicated tenant:

  1. Applies to cumulative data, including logs, dashboards, visualizations, snapshots, and email records.
  2. Customers will receive proactive alerts upon reaching 80% and 100% of their cap.
  3. Optional premium tiers are available for expanded storage needs.

4. Retention Timeline

Data CategoryRetention DurationDescription
Active Subscription36-months (can be increased on request)Full access to all features and data
Backup \ Snapshots1-yearDaily for 2-week cadence
Then monthly
Subscription Cancellation30 days post-cancellationGrace period for data export
Post-30-Day WindowPermanent deletionSecure purge across production and backup systems

5. Data Deletion Process

  1. Data is securely erased using automated scripts and validated purging protocols.
  2. Personally identifiable information (PII) is scrubbed in accordance with privacy regulations (e.g., GDPR).
  3. Data under legal hold is retained until the matter is resolved.

6. Pre-Deletion Notification

  1. Customers are notified 7 days in advance of any irreversible deletion.
  2. Notifications include instructions for exporting data and available support options.

7. Encryption & Access Control

  1. Encryption protocols: TLS 1.3 (transit), AES-256 (at rest).
  2. Role-based access control (RBAC) restricts data visibility to authorized users.
  3. Each tenant operates in isolated environments to prevent cross-contamination.

8. Exceptions & Compliance

  1. Legal disputes, audits, or regulatory obligations (e.g., HIPAA, GDPR, CDR) may override standard retention timelines.
  2. Extended storage options are available upon request for compliance-sensitive data.

9. Policy Review

This policy will be re-evaluated annually or upon substantial changes to technologies, services, or legal frameworks.

10. Contact Us

If you have any questions, please contact us at:

Email: admin[at]qualtiva.solutions Company: Qualtiva Pty Ltd