Data Retention Policy For email Correspondence

Data Retention Policy
Effective Date: 18 September 2024

Introduction

This Data Retention Policy explains how we collect, store, and manage email correspondence, website analytics data, and chat messages received from our users. We are committed to handling all personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Purpose of Data Retention

We retain data for the following purposes:

• To maintain continuity in communication and ensure that we can refer back to previous interactions when needed.
• To improve our service by keeping a record of user feedback and enquiries.
• To analyse user behaviour through analytics tools such as Google Analytics, Microsoft Clarity, WordPress Stats, and other trackers to enhance website functionality and performance.
• To comply with any legal, regulatory, or operational requirements.
• To retain data related to marketing efforts and conversions tracked by tools such as Google Ads Conversion Tracking, Meta Pixel, and Google Tag Manager.

Data Collection and Storage

Types of Data Collected:

• Email Correspondence: We collect and store the content of emails, including any attachments, the sender’s email address, and any marketing preferences provided by the user.
• Website Analytics: We collect user interaction data through tools such as Google Analytics, Microsoft Clarity, and WordPress Stats. This includes anonymised IP addresses, session recordings, heat maps, and behavioural data.
• Marketing and Advertising Data: We collect data on user behaviour and conversions via tools such as Google Ads Conversion Tracking, Meta Pixel, and Google Tag Manager for targeted advertising and performance analysis.

Storage Location:

• Email Data: All email data is stored securely on our email servers, which are fully compliant with GDPR requirements for data protection and security.
• Analytics Data: Data collected through Google Analytics, Microsoft Clarity, WordPress Stats, and other trackers is stored securely and handled in compliance with GDPR.

Third-Party Data Processors

We utilise third-party platforms, including ClickMeeting, Zoom, Google Analytics, Microsoft Clarity, Google Tag Manager, and Meta Pixel, which may process email or analytics data on our behalf. We have Data Processing Addendums (DPAs) in place with these providers to ensure GDPR compliance.

Retention Period

General Retention Period:

• Emails: Retained for the duration of your membership or from the date of the last correspondence.
• Analytics Data: Data (e.g. session recordings and behavioural data from Microsoft Clarity and Google Analytics) will be retained for up to 26 months to allow for meaningful analysis of website usage.
• Marketing Data: Marketing-related data from tools such as Google Ads Conversion Tracking, Meta Pixel, and Google Tag Manager is retained as long as the user consents to receive such communications or until the data is no longer required for its original purpose.

ClickMeeting Data Retention:
If you cancel your ClickMeeting account, your data associated with our service (including emails related to ClickMeeting events or webinars) will be retained by ClickMeeting for 30 days (or 90 days for Expired or Enterprise Accounts) to allow for reactivation. After this period, your data will be securely deleted from their systems.

Chat Messages Retention:
We retain chat messages for a period of 1 day (1440 minutes), after which they are automatically deleted. This is done to minimise data retention and ensure user privacy. If chat messages contain personal data, users have the right to request earlier deletion.

Marketing Data Retention:
Marketing-related communications are retained only as long as the user consents to receive such communications. Upon withdrawal of consent, relevant data will be securely deleted unless required for legal purposes.

Review and Deletion

After the retention period, emails and analytics data will be reviewed for ongoing relevance. If the data is no longer necessary for the purposes outlined in this policy, it will be securely deleted.

User Rights

Users have the following rights regarding their personal data:

• Right to Access: Users can request access to the emails or analytics data we have stored.
• Right to Rectification: Users can request corrections to any inaccuracies in their data.
• Right to Erasure: Users can request the deletion of their data before the retention period ends. Requests will be honoured unless we are required to retain the data for legal reasons.
• Right to Object: Users can object to the processing of their emails or website analytics data. If an objection is raised, we will stop processing and delete their data unless there are compelling legitimate grounds to continue.

Consent and Agreement

Explicit Consent:
By sending us emails or visiting our website, users explicitly agree to this Data Retention Policy. They consent to the storage and use of their emails, analytics data, and marketing data as described above.

Withdrawal of Consent:
Users can withdraw their consent at any time by contacting us. Upon withdrawal, we will stop processing and delete their data unless retention is required by law.

Data Security

We implement appropriate technical and organisational measures to protect email, chat, and analytics data against unauthorised access, alteration, disclosure, or destruction. This includes encryption, access controls, and regular security audits.

Contact Information

For any queries or requests related to this Data Retention Policy, users can contact our Data Protection Officer at:
Email: enquiries@andrewcurry.co.uk

Updates to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. Users will be notified of significant changes.

Complaints

If users believe their data has been handled in a way that does not comply with this policy or GDPR, they have the right to lodge a complaint with the relevant data protection authority.