InRAD Network ("we," "us," or "our") is committed to protecting the privacy of our users and maintaining compliance with data protection regulations, including the General Data Protection Regulation (GDPR). This Data Retention Schedule Policy explains how long we retain personal data, the criteria we use to determine retention periods, and how we securely delete data once it is no longer needed.
1. Purpose of the Policy The purpose of this policy is to:
Ensure that personal data is retained only for as long as necessary to fulfill the purposes for which it was collected.
Comply with legal, regulatory, and contractual obligations regarding data retention.
Minimise the risk of storing outdated or excessive data that could pose privacy or security risks.
2. Categories of Data and Retention Periods The table below outlines the categories of personal data we collect through this website, the purpose of retention, and the retention periods for each category. Retention periods are determined based on legal, contractual, and operational requirements.
User Account Information Purpose: Not collected Retention Period: Not applicableDeletion/Anonymisation Process: Not applicable
Newsletter Subscriptions Purpose: To send newsletters and updates (based on consent) Retention Period: Retained until the user unsubscribes + 6 months for backup purposes Deletion/Anonymisation Process: Immediate deletion or anonymisation upon request or withdrawal of consent
Cookies and Tracking Data Purpose: To enhance user experience, analyse site usage, and for marketing purposes Retention Period: Session cookies: Deleted after session ends. Persistent cookies: Retained for up to 2 years (unless user deletes cookies) Deletion/Anonymisation Process: Cookies deleted automatically or by the user; anonymised data may be retained for analysis
Analytics Data (Anonymous) Purpose: To monitor and improve website performance Retention Period: Retained for 3 yearsDeletion/Anonymisation Process: Anonymised data retained for statistical analysis
Marketing and Advertising Data Purpose: Not collected Retention Period: Not applicable Deletion/Anonymisation Process: Not applicable
Employment/Recruitment Data Purpose: For job applications and recruitment purposes Retention Period: Retained for 1 year after the position is filled or the application is withdrawn Deletion/Anonymisation Process: Secure deletion or anonymisation after the retention period
Legal Compliance Data Purpose: To comply with legal obligations or disputes Retention Period: Retained as long as required by applicable law or until the resolution of any legal matters Deletion/Anonymisation Process: Secure deletion after the statutory period
3. Criteria for Retention Periods We base the retention periods on the following criteria:
Legal Requirements: Some data must be retained for specific periods to comply with local, national, or international laws.
Contractual Obligations: We retain data to fulfil our contractual commitments with users, partners, or third-party service providers.
User Consent: Data retained based on user consent (e.g. newsletter subscription) is stored until the user withdraws consent or requests deletion.
Operational Necessity: We retain data necessary to ensure the security and functionality of our services (e.g., user accounts, analytics) for defined periods.
4. Data Minimisation and Secure Deletion We follow the principle of data minimisation, meaning we only collect and retain the minimum amount of data necessary to achieve the specific purpose. When personal data is no longer required, we ensure that it is securely deleted or anonymised.
Secure Deletion: We use secure methods for deleting data, such as encryption, overwriting, or physical destruction, ensuring that personal data cannot be recovered.
Anonymisation: Where possible and applicable, we anonymise data to retain it for analytics purposes without identifying individuals.
5. User Rights and Data Retention (Under GDPR) If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:
Right of Access: You have the right to request access to the personal data we hold about you.
Right to Rectification: You have the right to request the correction of inaccurate or incomplete information.
Right to Erasure (Right to be Forgotten): You can request that we delete your personal data, subject to legal and contractual obligations.
Right to Restrict Processing: You have the right to request the restriction of processing your personal data in certain circumstances.
Right to Data Portability: You have the right to request that we transfer your personal data to another organisation or directly to you, where technically feasible.
Right to Object: You can object to the processing of your personal data if it is based on legitimate interests, or if your data is being used for direct marketing purposes.
Right to Withdraw Consent: If we are processing your data based on your consent, you have the right to withdraw that consent at any time.
To exercise your rights, please contact us at inradcomms@tw1hc.co.uk
6. Third-Party Data Retention When we share your data with third-party service providers (e.g., payment processors, cloud storage), those parties are contractually required to comply with our data retention standards and applicable laws, including GDPR. We only share data necessary for the services they provide and ensure that third-party data retention schedules align with our policy.
7. Updates to This Data Retention Schedule Policy We may update this policy from time to time to reflect changes in legal requirements, operational practices, or data protection principles. Any changes will be posted on this page, and the "Effective Date" at the top will be updated accordingly. We encourage you to review this policy periodically for any updates.
8. Contact Us If you have any questions about our data retention practices or would like to exercise your rights regarding your personal data, please contact us at: Email: inradcomms@tw1hc.co.uk
If you are located in the EEA, you may also contact our Data Protection Officer (DPO) for matters related to data retention or other data protection concerns: Johan van Beek, inradcomms@tw1hc.co.uk
