GENTIF uses database-driven retention policies so retention periods can be adjusted by authorized administrators when laws, business requirements, legal holds, or product policy change.
Last updated: 2026-06-11 · Policy set: v1.9.5m
Admin-controlled retention periods. The public schedule below describes default policy. The operational retention process uses admin-managed records in retention_policies, version history in retention_policy_versions, and active holds in legal_holds. Retention jobs should read those database tables rather than hardcoded values.
| Record category | Default period | Trigger |
|---|---|---|
| Closed account profile | 4 years | Account closure |
| Terms and policy acceptance | 4 years | Account closure or last acceptance |
| Orders, invoices, subscriptions, refunds | 7 years | Transaction date |
| Tax and accounting records | 7 years | Transaction/tax period |
| Domain ownership, verification, and supersession | 7 years or longer if disputed | Domain removal, supersession, or dispute closure |
| Certification, declaration, badge, proof, and directory history | 7 years | Credential expiration, revocation, or removal |
| Website scans, URL inspection, and page inventory | 2 years | Domain/account closure or removal |
| AI service requests and outputs | 2 years; 7 years if safety/dispute-related | Account closure, request date, or incident closure |
| Security and audit logs | 2 years normal; 7 years for incidents | Event or incident closure |
| Privacy requests and appeals | 4 years | Final resolution |
| Backups | 30–180 days typical | Backup creation |
| Legal hold records | Until hold release | Legal hold released |
Deletion may be denied, delayed, archived, anonymized, or restricted where GENTIF needs records for tax, accounting, billing, contract enforcement, chargebacks, security, fraud prevention, abuse prevention, certification integrity, domain ownership, supersession, privacy-rights compliance, legal claims, audits, regulatory requests, or legal holds.