Retention periods
On the Genkgo platform, data is saved in various locations. The retention periods of these data are not all equal. In a large number of cases, the client can determine the length of the retention period. In other cases, Genkgo makes the decision. In order to explain our choices, it is important to clarify some concepts first. Below, each concept is described, followed by the policy regarding the retention period around the concept.
Data subject
In the Organization Application, the data of several types of data subjects is kept. Genkgo offers functionality to manage the retention period of these data. This means that clients can make settings for certain data to be (automatically) anonymized or deleted. This is not only the case for the Organization, but also for forms on the Website and the Events Application.
Transaction data
Transaction data are data regarding financial transactions that have already taken place. This includes at least invoices, accounting data and issued proof (such as tickets for events). As legal retention periods may apply to these data, Genkgo does not delete it. It is also not possible to (automatically) anonymize these data. Depending on the application, it is possible to delete data per individual.
Statistics
The form of statistics that is used most is the visitors of the website. Sent items and tracking clicked links in the Communication Application also belong to the category statistics. The criterion used to determine the retention period of statistics is completely up to the client. To determine this, several functions are offered within the application. Genkgo does not guarantee that everything is possible regarding the criteria for retention periods.
Backups
The default retention period for backups is 45 days. Read more about backups in the article ‘Backups’.
Server logs
The retention period of server logs is also a maximum of 45 days. Server logs can be used for tracing, support and security purposes. The fact that the retention period is a maximum of 45 days does not mean that Genkgo maintains a retention period of exactly 45 days for each application. This differs per application.
Audit trails
Genkgo records certain events to have taken place. An example is e-mail automation in the Organization Application. These records are saved for 12 months.
E-mail metadata
Based on article 13.2a of the Telecommunications law (Telecommunicatiewet), internet providers must save metadata regarding incoming and outgoing e-mail communication for six months. As the correct delivery of e-mail very important to Genkgo, metadata regarding e-mail is saved longer then the legally required period. The system automatically creates blacklists based on delivery patterns of messages previously sent. Genkgo cleans up e-mail metadata once a year. In the first month of the year, data from two years ago gets deleted. This means that metadata of sent messages is saved at least one year and up to two years.