Data Retention Policy

Logically DATA RETENTION POLICY

Data Retention Policy

Revised and Published 15-July-2024 | Confidential

  1. Purpose
    This Data Retention Policy establishes guidelines for the retention and disposal of data collected and processed by Logically a B2B business. The policy aims to ensure compliance with legal requirements, safeguard sensitive information, and manage data efficiently.
  2. Scope
    This policy applies to all data collected, processed, and stored by Logically, including but not limited to customer information, financial records, employee data, and operational data.
  3. Data Categories and Retention Periods
    Below are the categories of data typically handled by Logically, along with recommended retention periods. Retention periods may vary based on legal requirements, contractual obligations, and business needs.
    • Customer Data
      • Active Customers: Retain data for as long as the customer relationship is active and for a period after (e.g., 7 years).
      • Inactive Customers: Retain data for a period to support potential re-engagement or historical analysis (e.g., 5 years post-inactivity).
      • Prospective Customers: Retain data for a reasonable period to support sales and marketing efforts (e.g., 3 years).
    • Financial Records
      • Retain financial records, including invoices, receipts, and accounting documentation, as required by tax and regulatory authorities (e.g., 7 years).
    • Employee Data
      • Retain personnel records as required by employment laws and regulations (e.g., duration of employment plus 7 years).
    • Operational Data
      • Retain operational data, such as transaction logs and system access records, as necessary for operational purposes and to meet legal requirements (e.g., 3 years).
  4. Data Storage and Security
    • Data shall be stored securely using industry-standard encryption and access controls.
    • Access to data shall be restricted to authorized personnel only, based on the principle of least privilege.
  5. Data Disposal
    • Data that has reached the end of its retention period shall be securely disposed of using methods that prevent unauthorized access, such as shredding physical documents and securely deleting digital data.
    • Disposal procedures shall be documented and regularly reviewed for compliance.
  6. Review and Update
    • This policy shall be reviewed annually and updated as necessary to reflect changes in legal requirements, business practices, or technological advancements.
  7. Compliance
    • All employees and contractors are responsible for complying with this Data Retention Policy and related procedures.
      • Non-compliance may result in disciplinary action up to and including termination of employment or contract.
  8. Training and Awareness
    • Employees shall receive training on data retention practices and their responsibilities under this policy
      • Regular awareness programs shall be conducted to reinforce the importance of data protection and compliance.
  9. Document Control
    • This policy shall be maintained and accessible to all employees via the Logically iSolved system.
      • Previous versions of this policy shall be archived for reference.
  10. Contact Information
    For questions or concerns regarding this Data Retention Policy, please contact Eric Epstein, Director Revenue Operations and the designated Logically Data Protection Officer (DPO) at eepstein@Logically.com
  •  
    1.  
    1.  
    1.  

Approval 

This Data Retention Policy has been approved and adopted by Logically on the 15th of July 2024.