Data Retention, Deletion and Export Policy

Draft only. Requires legal review before publication. This software provides compliance tooling, but does not provide legal advice.

Data Retention, Deletion and Export Policy

Purpose

Explain how long BAAM AI keeps data, how customers can export it, and how deletion works.

Source model

This slot follows mature SaaS and security-software legal-center patterns: Zapier-style customer terms, DPA, subprocessors, security, and data-transfer material; Avast-style license, acceptable-use, privacy, IP, transparency, and accessibility material.

Jurisdiction focus

Prepare this for EU users and Czech-market operation. Complete operator details, Czech consumer wording, cookie consent behavior, GDPR roles, and cross-border transfer safeguards before publication.

Retention categories

Define retention for account, billing, invoices, audit logs, security logs, workspace content, generated assets, integration records, support tickets, marketing contacts, and backups.

Deletion requests

Explain deletion request channel, identity verification, legal exceptions, billing/legal retention, and backup deletion timing.

Exports

Explain available export formats for customer content, campaign assets, reports, and account data.

Account closure

Describe what happens after cancellation, non-payment, or termination.

Security and legal holds

Reserve retention where needed for fraud prevention, abuse investigation, legal claims, regulatory compliance, or security incident review.

Completion checklist

• Fill in concrete retention periods.
• Align with database cleanup jobs and backup behavior.
• Link Privacy Policy and DPA.