Data Retention Policy
Last Updated: May 11, 2025
This Data Retention Policy explains how Auraaplanners ("we," "us," or "our") retains, stores, and deletes personal data and other information collected through our platform at auraaplanners.com. This policy applies to all users, participants, and visitors of our services.
1. Purpose and Scope
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. This policy outlines our retention practices and deletion procedures.
1.1 Scope of Application
This policy applies to all data collected through:
- Account registration and user profiles
- Seminar enrollments and participation
- Payment and transaction records
- Communications and support interactions
- Website analytics and cookies
- Marketing and promotional activities
2. Data Categories and Retention Periods
2.1 Account Information
Data Type: Name, email address, password, profile information, preferences
Retention Period: Retained for the duration of active account status plus 3 years after account closure or last activity
Purpose: User authentication, service provision, account management, and legal compliance
2.2 Enrollment and Participation Records
Data Type: Seminar registrations, attendance records, completion certificates, discussion contributions, submitted assignments
Retention Period: 7 years from completion or last participation
Purpose: Educational records, certificate verification, quality assurance, and regulatory compliance
2.3 Payment and Financial Data
Data Type: Transaction history, payment methods, billing information, invoices, refund records
Retention Period: 7 years from transaction date
Purpose: Financial reporting, tax compliance, fraud prevention, and dispute resolution
2.4 Communication Records
Data Type: Email correspondence, support tickets, chat logs, feedback submissions
Retention Period: 3 years from last communication
Purpose: Customer support, service improvement, and dispute resolution
2.5 Marketing and Consent Data
Data Type: Marketing preferences, consent records, subscription status, campaign interactions
Retention Period: Retained until consent is withdrawn, plus 2 years for compliance documentation
Purpose: Marketing communications, consent management, and regulatory compliance
2.6 Technical and Analytics Data
Data Type: IP addresses, device information, browser data, cookies, usage patterns, session logs
Retention Period: 18 months from collection
Purpose: Security, analytics, service optimization, and fraud prevention
2.7 Security and Audit Logs
Data Type: Login attempts, security events, access logs, system modifications
Retention Period: 2 years from log creation
Purpose: Security monitoring, incident investigation, and compliance auditing
3. Legal and Regulatory Retention
3.1 Compliance Obligations
Certain data must be retained to comply with legal, accounting, and regulatory requirements. Where legal obligations require longer retention periods than specified in this policy, we will retain data for the legally mandated duration.
3.2 Litigation Hold
In cases of pending or anticipated litigation, investigations, or audits, we may suspend deletion schedules and retain relevant data until the matter is resolved.
3.3 Business Records
Records essential for business continuity, contractual obligations, or intellectual property protection may be retained beyond standard periods as necessary.
4. Data Deletion and Anonymization
4.1 Secure Deletion Procedures
When retention periods expire, we delete or anonymize personal data using secure methods:
- Permanent deletion from active databases and backup systems
- Secure overwriting of storage media
- Anonymization rendering data non-identifiable
- Destruction of physical records through shredding or incineration
4.2 Backup Systems
Data in backup systems is deleted according to backup rotation schedules, typically within 90 days of deletion from production systems. Backups created before deletion may persist until the backup cycle completes.
4.3 Anonymization Standards
Anonymized data cannot be re-identified and is considered outside the scope of personal data protection. We may retain anonymized data indefinitely for statistical analysis and research purposes.
5. User Rights and Deletion Requests
5.1 Right to Deletion
Users may request deletion of their personal data by contacting us at info@auraaplanners.com. We will process deletion requests within 30 days, subject to legal retention requirements.
5.2 Account Closure
Users may close their accounts at any time. Upon closure, we will delete or anonymize personal data according to this policy, retaining only what is necessary for legal compliance.
5.3 Exceptions to Deletion
We may decline deletion requests when retention is necessary to:
- Comply with legal obligations
- Complete transactions or provide requested services
- Detect and prevent fraud or security incidents
- Exercise or defend legal claims
- Maintain educational records and certificates
6. Third-Party Data Processors
6.1 Processor Obligations
Third-party service providers processing data on our behalf must comply with retention periods equivalent to or shorter than those specified in this policy, unless legal obligations require longer retention.
6.2 Data Transfer and Deletion
When terminating relationships with service providers, we ensure appropriate data return or deletion according to contractual agreements and this policy.
7. Data Retention Table
| Data Category | Retention Period | Deletion Method |
|---|---|---|
| Active user accounts | Duration of account + 3 years | Secure deletion |
| Enrollment records | 7 years from completion | Archival then deletion |
| Payment transactions | 7 years from transaction | Secure deletion |
| Support communications | 3 years from last contact | Secure deletion |
| Marketing consents | Until withdrawal + 2 years | Secure deletion |
| Analytics data | 18 months from collection | Anonymization |
| Security logs | 2 years from creation | Secure deletion |
| Backup systems | 90 days after primary deletion | Automatic rotation |
8. Review and Updates
8.1 Policy Review
We review this Data Retention Policy annually to ensure compliance with legal requirements and alignment with business practices. Updates reflect changes in regulations, technology, and organizational needs.
8.2 Notification of Changes
Material changes to retention periods or deletion practices will be communicated through our website and, where appropriate, direct notification to affected users.
9. Contact Information
For questions, concerns, or requests regarding data retention and deletion practices, please contact us:
Auraaplanners
105 E Jefferson Blvd #800
South Bend, IN 46601
United States
Email: info@auraaplanners.com
Phone: +1 928 201 2118
10. Accountability and Compliance
We maintain internal records documenting our data retention practices, deletion activities, and compliance measures. These records are available for regulatory review upon request and support our commitment to transparent and responsible data management.
Our data protection team monitors compliance with this policy and investigates any deviations or incidents. We conduct regular audits to verify that retention periods are observed and deletion procedures are properly executed.