Data Retention
Last updated: June 17, 2026
This policy describes how long CloudIngest, Inc. retains the categories of data held in StaffSync, and what happens to that data on request or when an account or organisation is closed. It supplements our Privacy Policy.
1. Retention by category
| Category | Examples | Retention |
|---|---|---|
| Account data | Name, work email, roles, organisation membership | For the life of the account; removed or anonymised after closure |
| Customer content | Requirements, submissions, résumés, notes, comments | Retained while the organisation is active; deleted after termination per below |
| Audit logs | Records of sensitive actions (role changes, access, settings) | Retained up to 24 months for security and compliance |
| Diagnostic logs | Application and error logs used for troubleshooting | Typically retained up to 30–90 days, then rotated |
| Backups | Encrypted database backups for disaster recovery | Retained on a rolling basis and overwritten in the normal cycle |
2. Deletion on request
Organisation administrators may request deletion of specific records or of their organisation’s data. We action verified requests within a reasonable period, subject to legal-hold and operational constraints. Because your organisation controls its Customer Data, end-user deletion requests should be directed to your organisation administrator.
3. Deletion on termination
After an organisation’s subscription ends, Customer Data is retained for a short wind-down window to allow export, then deleted from active systems. Residual copies in encrypted backups are removed as those backups age out of the normal rotation.
4. Sub-processors
Where data is processed by our infrastructure, logging, or error-reporting sub-processors, retention there follows the periods above or the sub-processor’s shorter default, and is governed by our agreements with them.
5. Contact
Retention or deletion questions can be sent to privacy@cloudingest.info.