Data at Rest and Retention | TrackLabs

Legal and Compliance Privacy Policy Terms of Service Sub-Processors Cookie Policy GDPR Compliance HIPAA Compliance CCPA Compliance Affiliate Terms Security Security Policy Security Updates Data in Motion Data at Rest and Retention Security Partners Security Innovations Data at Rest and Retention User and Activity Data Email Retention Policy: Data is retained until the user or workspace is automatically deleted due to inactivity or upon a deletion request, in accordance with our privacy policy. Password Retention Policy: Data is retained until the user or workspace is automatically deleted due to inactivity or upon a deletion request, in accordance with our privacy policy. Encryption: Passwords are securely stored using one-way hashing techniques, ensuring they cannot be reversed to retrieve the original password. Strong hashing algorithms, combined with salting, are implemented to protect against brute force and rainbow table attacks. Fullname Retention Policy: Data is retained until the user or workspace is automatically deleted due to inactivity or upon a deletion request, in accordance with our privacy policy. Phone Number (optional) Retention Policy: Data is retained until the user or workspace is automatically deleted due to inactivity or upon a deletion request, in accordance with our privacy policy. IP Address Retention Policy: Data is retained until the user or workspace is automatically deleted due to inactivity or upon a deletion request, in accordance with our privacy policy. Geolocation (optional) Retention Policy: Data is retained until the user or workspace is automatically deleted due to inactivity or upon a deletion request, in accordance with our privacy policy. Birthday Date (optional) Retention Policy: Data is retained until the user or workspace is automatically deleted due to inactivity or upon a deletion request, in accordance with our privacy policy. Communication Data (optional) Messages in TrackLabs Chat, TrackLabs AI Retention Policy: Data is retained until the user or workspace is automatically deleted due to inactivity or upon a deletion request, in accordance with our privacy policy. Encryption: TrackLabs Chat uses cryptographic encryption for all messages which are retained in our databases. Other Data which is collected temporary for analytics and security monitoring purposes Number of pages visited Entry/exit points Time on site Button pressed to register Source of visit Visit date/time Additional data may be collected to improve services, comply with legal requirements, or fulfill specific user requests. Any such data will be handled and retained in accordance with our privacy policy. Sensitive Data Disclaimer Our service does not actively collect or process sensitive data categories such as biometric data, religious or philosophical beliefs, sexual orientation, genetic data, political opinions, or health data. However, users may upload or generate content (e.g., screenshots) that could contain such information, depending on their usage of the system. User Responsibility: Users are responsible for ensuring compliance with applicable privacy regulations when uploading or sharing sensitive data within the platform. Our Role: We act as a data processor for such content and do not analyze or use it unless explicitly required for troubleshooting or legal purposes. Security Measures: All data is stored securely in accordance with industry standards to protect user privacy. Media Files Screenshots Retention Policy: Until the user deletes them manually Until the workspace requested to delete its data Otherwise, automatically deleted after 3, 6, or 12 months, depending on the package Access: Restricted to authorized workspace users, as the URL containing the token is accessible only within the workspace. Encryption: Multi-Step Encryption: Unique Encryption and Decryption Tokens: Each file is assigned a unique token during the encryption process, ensuring personalized protection and preventing the possibility of decrypting all files in the same way. Token-Based Transformation: Files undergo a custom transformation using an algorithm developed by our security team, adding a unique layer of security to each file. AES Encryption: After transformation, the data is encrypted using the industry-standard AES-256-CBC, ensuring robust cryptographic security. Amazon Encryption: Server-side encryption (SSE) with Amazon S3-managed keys (SSE-S3) adds an additional layer of security for all files stored in our infrastructure. Personal Info > Documents and Other Files Retention Policy: Until the user deletes them manually Until the user or workspace is deleted Access: Restricted to authorized workspace users Encryption: Multi-Step Encryption Finances → Invoices → Create Invoice Retention Policy: Until user deletes it or workspace is deleted Access: Restricted to authorized workspace users Finances → Expense Tracking → Receipts Retention Policy: Until user deletes it or workspace is deleted Access: Restricted to authorized workspace users Encryption: Multi-Step Encryption Tasks & Subtasks & comments → Attachments Retention Policy: Until the user deletes it, or deletes the task, or subtask, or project, or workspace. Access: Restricted to authorized workspace users Encryption: Multi-Step Encryption Chat → Files Retention Policy: Until the user deletes it, the message, channel, or workspace will not be deleted. Access: Restricted to authorized workspace users Encryption: Multi-Step Encryption Settings → Avatars Retention Policy: Until user deletes it or workspace is deleted Note: public media files are cached by Cloudflare, and after deleting it will take max 30 days so it will be deleted from Cloudflare CDN Access: Publicly available if you have the URL of the single file Settings → White Label → Logo and Favicon Retention Policy: Until user deletes it or workspace is deleted Note: public media files are cached by Cloudflare, and after deleting it will take max 30 days so it will be deleted from Cloudflare CDN Access: Publicly available if you have the URL of the single file Tracker Logs Logs which go to server when you send error log. Retention Policy: Until user or workspace is deleted Otherwise, automatically deleted after 3 months Access: Restricted, only accessed by support and technical support teams Support → Ticket → Attachments Retention Policy: Until workspace is deleted Access: Restricted, only accessed by support and technical support teams Last updated: 17 February, 2025