Introduction

A retention policy is a key part of the lifecycle of a record. It describes how long a business needs to keep a piece of information (record), where it is stored and how to dispose of the record when it's time.

Definitions and Terms

• “Ascentis” (referred to as either "We", "Us" or "Our" in this Agreement) refers to Ascentis Private Limited.
• "Services" means all software/services that we make available to You for use in connection with Ascentis.
• “You” means the individual accessing or using the Services, or the company, or other legal entity on behalf of which such individual is accessing or using the Services, as applicable.

How Ascentis retains data we collect

Ascentis collects and stores customer data as part of our SAAS model. What we collect, why we collect it, and how you can manage your information are described in our Data Protection Policy. This retention policy describes why we hold onto different types of data for different periods of time.

Some data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when necessary.

Information retained until you remove it

We offer a range of services that allow You to correct or delete data stored in your Services. For example, You can:

• Edit your personal info;
• Edit your member data;
• Delete content;
• Remove a product;

Data that expires after a specific period of time

In some cases, rather than providing a way to delete data, we store it for a predetermined period of time. We defined the retention time frame for each data type, based on the reason for its collection.

Data Type	Examples - Retention Period
Members' Data	Member Transactions – 5 years Member Vouchers that have expired - 24 months Member Receipt Images - 24 months Member Campaign Tags that have expired – 24 months
Services Log	Member Activity Logs - 24 months Services User Activity Logs – 24 months Card Ranking Status History – 24 months Expired Campaign Qualified Log – 12 months Mall Services Audit Logs – 12 months Stored Value Application Programming Interface (API) Integration Logs – 3 months
Communication Log	Completed Email, SMS, Push Blast and Recipient records - 12 months Communication and click tracking records - 12 months
Log files	Operating Systems Logs – 12 months Web Application Firewall (WAF) and Application Load Balancer (ALB) logs -12 months Internet Information Services (IIS) Logs - 12 months CRM Application Programming Interface (API) Integration Logs – 12 months

Production database backup will be retained up to seven (7) years (in any form) or till the expiry date or termination of Agreement plus thirty (30) calendar days, whichever is earlier.

Information retained until your Services are terminated

All services covered by Service Level Agreement are backed up to meet three (3) hours Recovery Point Objective (RPO).

Safe and complete deletion after your Services are terminated

Safe deletion is important to protect you and your customers from accidental data loss. Complete deletion of data from our servers is equally important for your peace of mind.

We keep members’ information and card number perceptually and can be retrieved from your Services until the expiry or termination of Agreement.

After termination of the Service, data collection services will be halted, and your customers’ data will be made available for you to download (via a secure link) for a period of thirty (30) calendar days (the retention period).

At the end of the data retention period, your data including backup data will be permanently deleted and cannot be recovered.

Changes to Retention Policy

Ascentis serves the rights to change this from time to time without prior agreement or notice.

Effective date: 01/02/2024
Last updated: 08/01/2024
Last reviewed: 08/01/2024