Data Retention & Handling
Last updated: June 2026
Retention periods
- Order, invoice, and sales-tax records: retained for 7 years after the transaction, as required by U.S. federal and state tax law. Personal identifiers tied to a deleted account are anonymized; the financial record is preserved.
- Audit logs: retained for 7 years for compliance and security investigations. The actor's email is anonymized on account deletion.
- Profile, login, contact info, drafts, support tickets: deleted within minutes of you requesting account deletion.
- Backups: daily encrypted snapshots with point-in-time recovery; older backups are rotated out on the standard 30-day cycle.
Account deletion
Signed-in users can delete their account from Account → Danger zone. The action signs you out immediately, removes your profile and team memberships, and anonymizes the audit trail. Records covered by the 7-year retention window above are preserved without your personal identifiers.
Encryption
- In transit: TLS 1.2/1.3 for all client and server traffic.
- At rest: AES-256 on the primary database, object storage, and backups.
- Secrets: stored in a managed Vault, never in source code.
Test vs production data
Production traffic is served with production credentials and vendors' live keys. Sandbox vendors (e.g. payment and fulfillment) are wired to dedicated test credentials. Preview/staging environments are workspace-gated and not exposed to end customers.
Data loss prevention
- Row-level security on all customer-facing tables.
- Service-role keys are server-side only; never shipped to browsers.
- Daily encrypted backups + write-ahead log replication.
- All schema changes are versioned and reviewed before deploy.
- Admin alerts on account deletion and high-impact actions.