Data Retention Policy
Effective: February 2025
Overview
Revifly retains personal and operational data only as long as necessary to provide services, comply with legal obligations, and resolve disputes.
Retention Periods by Data Type
| Data Category | Retention Period | Reason |
|---|---|---|
| Shop data (brands, offers, vouchers) | Until 30 days after uninstall | Shopify compliance; deleted via shop/redact |
| Voucher and order attribution | Same as shop data; or 7 years if required | Legal/tax; dispute resolution |
| Billing records | 7 years from transaction | Tax, accounting, audit |
| Session tokens | 24 hours | Authentication; auto-expiry |
| Logs | 90 days | Debugging and troubleshooting |
| Compliance webhook responses | 30 days after response | GDPR/CPRA audit trail |
Implementation
- shop/redact: Full deletion of shop data within 30 days of app uninstall.
- customers/redact: Anonymization or deletion of customer-linked data within 30 days.
- Scheduled cleanup: Logs and other transient data purged per retention schedule.
Exceptions
Data may be retained beyond these periods if required by law, court order, or regulatory investigation. Billing data may be retained until active disputes are resolved.