This policy describes how long Signalix retains different categories of data. We retain data only as long as necessary to provide the service, comply with legal obligations, resolve disputes, and enforce our agreements. Data past its retention period is automatically purged or anonymized.
| Data Category | Data Types | Retention Period | Justification |
|---|---|---|---|
| Account & Profile Data | Name, email, phone, employee ID, profile photo | Duration of account + 30 days after deletion request | Required to provide the service; deleted upon verified request |
| Authentication Data | Session tokens, login history | Active session duration; login history retained 90 days | Managed by Clerk; needed for security auditing |
| GPS Location Data | Latitude/longitude from clock-in/out events | 12 months from the clock event date | Required for attendance verification and labor compliance; auto-purged after retention period |
| Clock-In/Out Records | Timestamps, site associations, shift linkage | 24 months | Required for timesheet generation, payroll, and labor law compliance |
| Shift Schedules | Shift assignments, times, site assignments | 24 months | Operational records; needed for payroll and historical scheduling |
| Timesheets | Approved/rejected timesheets, hours worked | 36 months | Labor law compliance (FLSA requires 3-year retention of payroll records) |
| Incident Reports | Incident details, timestamps, associated photos | 36 months | Legal and insurance compliance; may be needed for litigation holds |
| Work Orders | Work order details, status, assignments | 24 months | Operational records; vendor billing reconciliation |
| Daily Activity Reports | Guard activity logs, patrol logs | 24 months | Client contractual requirements; operational compliance |
| Uploaded Documents | Licenses, certifications, invoices (S3) | Duration of account + 90 days after org deletion | Required for compliance verification; purged after org offboarding |
| Payment Data | Transaction records, subscription history | 7 years (financial records) | Tax and financial compliance; actual card data stored by Stripe only |
| SMS Logs | Masked phone numbers, message status, delivery timestamps | 12 months | Debugging, compliance auditing, TCPA dispute resolution |
| Analytics Events | Anonymized page views, feature usage, click events | 12 months | Product improvement; no PII is captured in analytics |
| Error Logs (Sentry) | Error stack traces, browser metadata | 90 days | Debugging and performance monitoring |
| Audit / Activity Logs | User actions, admin changes, system events | 24 months | Security auditing and compliance |
You may request deletion of your personal data at any time through our Data Request page. Upon receiving a verified deletion request:
When an organization cancels their Signalix subscription and requests data deletion:
Signalix runs automated background jobs to purge expired data according to this schedule. Purge jobs run daily and target data that has exceeded its retention period. All purge operations are logged for audit purposes.