Data Retention
January 2025
(Version 1.1)
Responsible Data Retention
GoGorilla Media and Technologies Group Ltd adheres to a strict data retention framework in compliance with the storage limitation principle under UK GDPR Article 5(1)(e). This policy outlines the retention periods for different categories of personal data and the procedures for its secure deletion.
Retention Framework and Principles
The Company’s data retention framework is based on legal requirements, operational needs, and data protection principles. Personal data is retained only for as long as is necessary for the purpose for which it was originally collected.
Storage Limitation Principle
We follow the UK GDPR principle that personal data should be kept only as long as necessary for the purposes it was collected. This means:
Purpose-Based Retention: Data kept only as long as necessary for the original purpose.
Legal Compliance: Retention periods comply with legal and regulatory requirements.
Regular Review: Periodic assessment of retention needs and periods.
Secure Deletion: Secure and verifiable deletion when retention period expires.
Retention Criteria
We determine retention periods based on:
Legal Requirements: Statutory retention obligations.
Regulatory Guidance: Industry-specific retention guidelines.
Business Needs: Operational requirements and customer service.
Data Subject Rights: Your rights to erasure and data portability.
Risk Assessment: Data sensitivity and potential impact.
Retention Periods by Data Category
Different types of personal data have different retention periods based on their purpose and legal requirements.
| Data Category | Data Item | Retention Period | Deletion Trigger or Action | Main Reason | Legal Basis |
| --- | --- | --- | --- | --- | --- |
| Account and Profile Data | Customer account information | Duration of relationship plus seven years after account closure | Securely deleted once the retention period expires | Customer service, dispute resolution, regulatory compliance | Contract performance; legal obligation |
| Account and Profile Data | Authentication credentials (passwords etc.) | Duration of relationship | Securely deleted within thirty days of account closure | Security best practice | Contract performance; legitimate interests (security) |
| Account and Profile Data | Profile preferences and settings | Duration of relationship | Deleted within ninety days of account closure | No longer required once you stop using the services | Contract performance |
| Account and Profile Data | Contact information | Duration of relationship plus three years | Securely deleted after retention period | Legitimate business purposes, potential re-engagement | Contract performance; legitimate interests |
| Financial and Transaction Data | Payment information | Seven years after last transaction | Deleted after statutory retention period | Regulatory compliance, dispute resolution, tax obligations | Contract performance; legal obligation |
| Financial and Transaction Data | Transaction records | Seven years after transaction date | Deleted after statutory retention period | Financial regulations, audit requirements | Legal obligation |
| Financial and Transaction Data | Card and payment-method data | Duration of relationship | Tokenised data deleted within thirty days of account closure | Security - actual card details never stored long term | Contract performance; legitimate interests (security) |
| Financial and Transaction Data | Financial services application data | Seven years after application completion or withdrawal | Deleted after statutory retention period | Regulatory requirements for financial applications | Legal obligation |
| Marketing and Communications Data | Marketing consent records | Three years after consent withdrawal | Deleted after retention period | Proving compliance with marketing regulations | Legal obligation; consent |
| Marketing and Communications Data | Email marketing data | Until consent withdrawn or three years of inactivity | Deleted when consent withdrawn or retention period expires | Providing marketing services you have consented to | Consent (prospects); legitimate interests (existing clients) |
| Marketing and Communications Data | Campaign performance data - individual | Deleted after three years | Automatic deletion | Service improvement and optimisation | Legitimate interests |
| Marketing and Communications Data | Campaign performance data - aggregated | Anonymised after two years, then kept indefinitely | Remains only in anonymised form | Long-term analytics without personal identification | Legitimate interests |
| Marketing and Communications Data | Customer communication records | Seven years | Deleted after retention period | Customer service, dispute resolution, quality assurance | Contract performance; legitimate interests |
| Technical and Usage Data | Platform usage analytics - individual | Two years, then aggregated and anonymised | Personal identifiers removed after two years | Platform improvement, feature development | Legitimate interests |
| Technical and Usage Data | Platform usage analytics - aggregated | Kept indefinitely (no personal data) | Not applicable | Non-personal analytics for long-term trends | Legitimate interests |
| Technical and Usage Data | Log files and system data | One year | Deleted after retention period | Security monitoring, troubleshooting | Legitimate interests; legal obligation (security) |
| Technical and Usage Data | Cookie and tracking data | One to two years (varies by cookie type) | Managed through cookie preferences | Platform functionality, analytics, marketing (with consent) | Consent (analytics/marketing); legitimate interests (strictly necessary) |
| Legal and Compliance Data | Regulatory reporting data | Seven years or as required by regulation | Deleted when legal requirement ends | Legal compliance, regulatory obligations | Legal obligation |
| Legal and Compliance Data | Data-subject rights requests | Three years after resolution | Deleted after retention period | Demonstrating compliance with data-protection duties | Legal obligation |
| Legal and Compliance Data | Legal documentation | Seven years or for the duration of the legal obligation | Deleted when obligation ends | Contract management, dispute resolution | Legitimate interests |
| Technical and Usage Data | Customer support case records | Three years from case closure | Deleted at case resolution plus retention period | Customer service, dispute resolution, quality assurance | Legitimate interests |
Extended Retention Circumstances
Retention periods may be extended in certain circumstances:
Legal Hold: Litigation, investigation, or regulatory inquiry.
Ongoing Disputes: Unresolved complaints or legal proceedings.
Regulatory Investigation: Ongoing regulatory examination.
Fraud Investigation: Suspected fraudulent activity.
Deletion Triggers and Criteria
Upon the expiry of the applicable retention period, personal data is securely and irreversibly deleted from all systems. The Company employs a combination of technical deletion methods, including cryptographic erasure and multi-pass overwriting, in accordance with NIST SP 800-88 standards. Physical destruction of media is used for end-of-life hardware, with a full chain of custody and destruction certificates maintained.
Automatic Deletion Triggers
Time-Based Deletion:
Automated systems monitor retention periods.
Data is flagged for deletion when retention period expires.
Secure deletion processes are automatically initiated.
Event-Based Deletion:
Account closure triggers specific deletion timelines.
Consent withdrawal triggers marketing data deletion.
Contract termination triggers business data deletion.
Legal Requirement Changes:
If legal requirements change, we adjust retention periods.
Data may be deleted earlier if no longer legally required.
We notify you of any significant changes.
Manual Review Triggers
Data Subject Requests:
You can request deletion of your data (right to erasure).
We evaluate requests against legal requirements and legitimate interests.
Valid requests are processed within one month.
Legal Holds:
Data may be retained longer if subject to legal proceedings.
Legal holds override standard retention periods.
Data is deleted once legal hold is lifted.
Business Need Assessment:
Regular review of business need for retained data.
Data deleted early if no longer needed for business purposes.
Continuous optimisation of retention practices.
Deletion Criteria Assessment
Secure Deletion Procedures
We implement secure deletion procedures to ensure personal data is permanently and irreversibly removed.
Technical Deletion Methods
Data Overwriting:
Multiple-pass overwriting of storage media.
Ensures data cannot be recovered using standard methods.
Meets or exceeds industry standards for secure deletion.
Cryptographic Erasure:
Deletion of encryption keys renders data unreadable.
Faster and more efficient for large datasets.
Equivalent security to physical destruction.
Physical Destruction:
Physical destruction of storage media when necessary.
Certified destruction with chain of custody documentation.
Used for highly sensitive data or end-of-life hardware.
Deletion Based on Storage Type
| Storage Type | Deletion Method | Standard | Verification |
| --- | --- | --- | --- |
| Database Records | Cryptographic erasure + overwriting | NIST SP 800-88 | Automated verification |
| File Systems | Multi-pass overwriting | DoD 5220.22-M | Checksum verification |
| Solid State Drives | Secure erase commands | ATA Secure Erase | Command completion verification |
| Cloud Storage | Provider secure deletion + key destruction | Cloud provider standards | Deletion certificates |
| Backup Media | Physical destruction or degaussing | NIST SP 800-88 | Destruction certificates |
Verification and Documentation
Audit Trails:
Complete records of what was deleted and when.
Verification that deletion was completed successfully.
Regular audits of deletion processes.
Compliance Monitoring:
Regular review of retention and deletion practices.
Verification that legal requirements are met.
Continuous improvement of deletion procedures.
Legal Hold and Litigation Preservation
In certain circumstances, we may need to preserve data beyond normal retention periods for legal purposes.
Legal Hold Procedures
Hold Triggers: Litigation, regulatory investigation, or legal dispute.
Scope Definition: Clear definition of data subject to hold.
Hold Notifications: Formal notifications to relevant personnel.
Monitoring: Ongoing monitoring of hold compliance.
Release Procedures: Formal procedures for releasing held data.
Litigation Support
When data is subject to legal hold:
Preservation: Data preserved in original format and location.
Access Controls: Restricted access to preserved data.
Chain of Custody: Documented chain of custody for legal proceedings.
Expert Support: Technical expert support for legal teams.
Your Control Over Data Retention
Right to Erasure (Right to be Forgotten)
When Can You Request Deletion:
Data is no longer necessary for the original purpose.
You withdraw consent and there's no other legal basis.
Data has been unlawfully processed.
Deletion is required for legal compliance.
How to Request:
Email privacy@gogorilla.com with your deletion request.
Specify what data you want deleted and why.
We'll respond within one month.
Limitations:
We may need to keep some data for legal compliance.
Legitimate interests may override deletion requests.
We'll explain if we can't delete specific data and why.
Account Closure
What Happens When You Close Your Account:
Immediate deletion of authentication credentials.
Profile data deleted within 90 days.
Some data retained for legal/business purposes as outlined above.
Clear timeline provided for all deletion activities.
How to Close Your Account:
Contact support@gogorilla.com.
Use account closure feature in your dashboard.
We'll confirm closure and provide deletion timeline.
Data Minimisation and Anonymisation
The Company actively minimises data collection to what is strictly necessary for the intended purpose. Where feasible, data is anonymised or pseudonymised to reduce privacy risk. Anonymised data may be retained indefinitely for statistical and analytical purposes.
Ongoing Data Minimisation
Regular Reviews: Quarterly reviews of data collection and processing.
Purpose Assessment: Ongoing assessment of data necessity for purposes.
Collection Limits: Technical controls to limit data collection.
Processing Restrictions: Automated restrictions on unnecessary processing.
Anonymisation Procedures
We use various anonymisation techniques:
Statistical Disclosure Control: Aggregation and statistical methods.
K-Anonymity: Ensuring groups of at least k individuals.
Differential Privacy: Mathematical privacy guarantees.
Data Synthesis: Creation of synthetic datasets.
Pseudonymisation Implementation
Identifier Replacement: Replacement of direct identifiers with pseudonyms.
Key Management: Secure management of pseudonymisation keys.
Re-identification Controls: Technical and organisational controls to prevent re-identification.
Regular Assessment: Ongoing assessment of pseudonymisation effectiveness.
Legal compliance
This Data Retention Policy and its associated schedules are reviewed annually to ensure continued compliance with legal requirements and alignment with business needs. The process is overseen by the Data Protection Officer.
Retention Policy Reviews
Annual Reviews:
Comprehensive review of all retention periods.
Assessment of legal requirement changes.
Evaluation of business need for retained data.
Updates to retention schedules as needed.
Regulatory Monitoring:
Continuous monitoring of regulatory changes.
Adjustment of retention periods for compliance.
Proactive updates to meet new requirements.
Technology Updates:
Regular review of deletion technologies and methods.
Implementation of improved deletion techniques.
Enhanced automation of retention processes.
Continuous Improvement
Retention Questions and Requests
If you have questions about our data retention practices or want to request early deletion of your data, we're here to help.
Retention Questions
Email: privacy@gogorilla.com
Subject: Data Retention Question
Response Time: Within 48 hours
Deletion Requests
Email: privacy@gogorilla.com
Subject: Data Deletion Request
Response Time: Within 1 month
Retention Schedule
Email: privacy@gogorilla.com
Request: Copy of retention schedule
Response: Within 1 month
Legal Hold Inquiries
Email: legal@gogorilla.com
For: Legal hold and litigation support
We believe that responsible data retention builds trust. By keeping your data only as long as necessary and securely deleting it when we're done, we demonstrate our commitment to your privacy and our legal obligations.
Last Updated: January 2025
Version: 1.1




