Intuitus_AudienceLens_Data_Retention_Statement.docx. Check document version and legal status before relying on it.AudienceLens Data Retention Statement
Intuitus Ltd | Working draft | 23 May 2026 | Version 0.2
Prepared for practical customer/procurement use. Working draft for legal and technical review before signature or publication.
| Status and use This is a customer-facing retention statement and internal schedule baseline. It should be checked against the final production stack, database, backups, analytics tools, support/CRM, AI/model provider terms, customer contract and legal/accounting advice before publication. |
|---|
1. Summary position
AudienceLens is designed primarily for communications material that is intended to become public or externally distributed. This reduces the typical confidentiality risk compared with systems for safeguarding, health, donor financial, HR or case-management records. However, AudienceLens may still process personal data, pre-publication drafts, user account data, organisation context, support records, technical logs and incidental personal data contained in customer-submitted content.
Intuitus Ltd therefore keeps personal data only for as long as needed to provide AudienceLens, support customers, maintain security, meet legal/accounting requirements, resolve disputes and improve service reliability where permitted.
2. Scope
- AudienceLens customer accounts and authorised users.
- Customer message drafts, organisation context, audience/location selections and reports.
- Improve Mode drafts, autosaves, collaboration events and version history.
- Usage, security, audit and technical logs.
- Sales, demo, support, billing and contract records.
- Backups and retained operational copies.
- Subprocessor copies where controlled by supplier retention terms.
3. Customer-facing retention schedule
| Data category | Retention period | Notes |
|---|---|---|
| Demo and sales enquiries | 24 months after last meaningful contact | Shorten/delete sooner where no active pipeline exists. Honour opt-outs. |
| Customer account/contract records | Contract term + 6 years | Used for contract, billing, tax, limitation and dispute records. Confirm with accountant/solicitor. |
| Authorised user profile/account data | Contract term + 90 days after account closure | Minimal audit/security records may be retained longer where needed. |
| Customer message drafts and workspace content | Contract term + 60 days after termination | Customer admins should be able to delete sooner where technically supported. |
| Reports, scenarios, comparisons and version history | Contract term + 60 days after termination | Core product history. Delete sooner on customer instruction where technically supported. |
| Autosave snapshots and collaboration events | Contract term or shorter operational rolling period | Consider shorter rolling retention for autosaves once product behaviour is final. |
| AI prompts, outputs and related metadata | Same as related customer content unless provider terms require shorter operational retention | Confirm model provider retention, deletion and training terms before publication. |
| Security and audit logs | 12 months by default; up to 24 months for security, fraud, abuse or investigation needs | Keep access restricted; minimise content in logs. |
| Support tickets | 3 years after closure | Redact or delete customer content/screenshots where no longer needed. |
| Analytics/product usage events | 24 months, with aggregation or anonymisation earlier where feasible | Non-essential analytics require cookie/privacy review. |
| Cookie consent records | 12 months after consent choice or until renewed | Align with consent management platform configuration. |
| Backups | 90 days rolling overwrite | Deleted in ordinary course; not restored solely to delete individual records unless required and feasible. |
| Legal/regulatory/accounting records | As required by law or legitimate business need | Retain only what is necessary and restrict access. |
4. Deletion and return on termination
- On termination or expiry, Intuitus Ltd will delete or return customer content within 60 days unless a different period is agreed in the customer agreement.
- Customer admins should export required materials before termination where export functionality is available.
- Backups are overwritten in the ordinary course, normally within 90 days.
- Intuitus Ltd may retain minimal legal, security, billing, tax, dispute and audit records where required or reasonably necessary.
5. Customer deletion controls
Recommended product position: customer admins should be able to delete projects, scenarios, message drafts, reports and user accounts where technically supported. Where deletion is not available in-product, customers should be able to request deletion via support.
| Implementation note Before publication, confirm the actual product controls for deleting projects/scenarios/reports/users, export options, backup overwrite behaviour and whether deleted records remain in logs, analytics or model-provider systems. |
|---|
6. AI/model provider retention
Before launch/publication, Intuitus Ltd should confirm and document the following for each AI/model/API provider:
- whether customer prompts, content, outputs or metadata are retained;
- retention periods and deletion process;
- whether customer content is used to train or improve models;
- hosting/processing locations and transfer mechanism;
- whether zero-retention or enterprise privacy settings are available; and
- whether provider logs can include personal data or confidential content.
Default customer position: customer content is not used to train third-party or Intuitus Ltd models unless expressly agreed in writing.
7. Legal holds and exceptions
Intuitus Ltd may suspend routine deletion where necessary for:
- legal claims, disputes or regulatory enquiries;
- security incidents, abuse investigations or fraud prevention;
- tax, accounting, audit or statutory recordkeeping;
- compliance with court orders or lawful authority requests; or
- technical restoration/continuity after an incident.
Where a hold applies, Intuitus Ltd should retain only what is necessary, restrict access, document the reason, and remove the hold when no longer needed.
8. Security of retained data
- Access to retained data is restricted by role and need.
- Customer workspaces are logically separated.
- Data is protected in transit using TLS.
- Encryption at rest is used where supported by hosting/storage providers.
- Backups are access-restricted and tested for restoration.
- Logs and support records should avoid unnecessary customer content.
- Subprocessors are reviewed for retention/deletion/security commitments before use.
9. Annual review
This schedule should be reviewed at least annually and whenever AudienceLens changes materially, including changes to hosting, database, backups, analytics, AI/model providers, customer deletion controls, support tooling, or target customer sectors.
10. Short website/security-pack wording
| Customer-facing wording AudienceLens is primarily used for communications material intended for publication or external distribution. Intuitus Ltd keeps personal data only for as long as needed to provide the service, support customers, maintain security, meet legal/accounting requirements and resolve disputes. Customer workspace content is normally retained for the contract term and deleted or returned within 60 days after termination, with backups overwritten in the ordinary course, normally within 90 days. Users should not upload special category data, children data, safeguarding records, health records, donor financial records, HR files or confidential case-management data unless this has been expressly agreed and assessed. |
|---|