Data Retention Policy

This page describes how long Handshake retains operational, billing, compliance, and support records.

General Retention Principle

Handshake retains data only as long as reasonably necessary to operate the service, maintain security, support billing, comply with legal obligations, resolve disputes, and enforce agreements.

Active Accounts

Administrator contact data and related operational records may be retained while an account remains active and while needed for ordinary business operations.

Inactive or Terminated Accounts

After account termination or extended inactivity, data may be deleted, de-identified, or anonymized within a reasonable period, unless continued retention is required for legal, billing, security, fraud prevention, audit, or dispute-resolution purposes.

SMS Compliance Records

Opt-in records, message logs, and related compliance data may be retained to demonstrate consent, delivery history, abuse handling, and compliance with carrier, messaging, or platform requirements.

Billing and Financial Records

Billing records, payment events, invoices, charge history, and related accounting records may be retained as required by law, tax rules, payment processor requirements, and legitimate business needs.

Security and Audit Logs

Security, authentication, and audit logs may be retained for a limited period as necessary to protect the integrity of the service, investigate incidents, and support compliance or legal obligations.

Deletion Requests

Deletion requests are handled as described in the Privacy Policy. Where deletion is permitted, requests are generally processed within 30 days, subject to lawful retention needs.