Data Retention Policy

Data Retention Policy

Taranis Data Retention Policy


Introduction

Taranis is committed to protecting our systems, information, and our customers’ information. The purpose of this Policy is to ensure that necessary records and documents are adequately protected and maintained and to ensure that records that are no longer needed by Taranis or are of no value are discarded at the proper time. This policy defines the retention requirements for customer data in the Taranis SaaS service and Taranis business systems and data. This policy applies to all Taranis employees or contractors working on behalf of Taranis.

Taranis business systems include:

  • Mail (Google Suite)

  • Instant Messaging (Slack) 

  • Business server logs

  • Storage

  • IT authentication  

  • Helpdesk ticketing 

  • CRM, Sales, Marketing

  • HR

  • Learning and Certification

  • Finance

  • Taranis websites

  • Knowledge Center


Policy

Taranis will define a reasonable retention schedule for all systems and data in use within the organization and will document them in the Data Retention Schedule.


Data retention for customer data – SaaS Services

Taranis maintains full control of the data stored through the Taranis SaaS service, including all acquired imagery, generated data and user-provided data, and has responsibility to determine the retention scheme for such data.

The Taranis terms of use specify that while using the Taranis services the customer agrees to share, provide, upload, import, transmit, post, or make accessible to Taranis certain customer data or software and any data which it shares with or makes available to its third party software solution providers. 

Additionally, the customer grants Taranis a non-exclusive license to use, process, display, copy and store the customer data in order to provide its services. Customer further grants Taranis with full access to use the customer data for internal purposes of Taranis (including use of data for future product developments etc.).


Responsibilities

Employees and Contractors

All employees who create and use records and information are responsible for maintaining Taranis Records according to this Policy.


Management and Business Units

All levels of management within Taranis are responsible for ensuring compliance with this Policy within their respective group, region, or function.

They are responsible for ensuring that their employees know where to locate the current Data Retention Schedule and that hard copy and electronic files are kept, stored, or destroyed in compliance with this Policy.


Retention Requirements

Taranis will retain or destroy data files in compliance with the retention periods stated in the Data Retention Schedule.

The retention periods provided in the Data Retention Schedule are intended to be as short as possible to minimize the volume of Taranis Records while still complying with legal, contractual, and/or operational requirements. Records will be kept only for the period stated in the Schedule and will be destroyed or discarded at the stated retention period expiration.


Safeguarding of Data

Measures will be taken to ensure that the information can be accessed by authorized users during the retention period (both with respect to the information carrier and the readability of formats). 


Disposal of Data

As data expires according to the Retention Schedule, the data will be deleted, shredded or otherwise destroyed in accordance with its classification and destruction requirements.

Overall responsibility for the disposal of data belongs to the R&D team.


Policy Enforcement

The Taranis VP R&D is responsible for ensuring compliance with this policy and will assist with the protection of Taranis data.

Any employee found to willfully or intentionally violate this policy may be subject to disciplinary action, up to and including termination of employment.



    • Related Articles

    • Taranis Security And Privacy Incident Response Policy

      Taranis Security And Privacy Incident Response Policy Purpose and Scope The purpose of this policy is to ensure that Taranis reacts appropriately to any actual or suspected security or privacy event regarding Taranis systems and/or data and that all ...
    • Taranis Data Security and Privacy

      Introduction Taranis is committed to providing its customers with a highly secure and reliable environment for our data operations and cloud-based applications. We have therefore developed a multi-tiered security model that covers all aspects of ...
    • Taranis Business Continuity Planning (BCP)

      Business Continuity Plan Overview Taranis systems Business Continuity Plan is a comprehensive statement of actions to be taken before, during and after a disaster. This plan is designed to reduce the risk to an acceptable level by ensuring the ...