Taranis Data Retention Policy
Taranis is committed to protecting our systems, information, and our customers’ information. The purpose of this Policy is to ensure that necessary records and documents are adequately protected and maintained and to ensure that records that are no longer needed by Taranis or are of no value are discarded at the proper time. This policy defines the retention requirements for customer data in the Taranis SaaS service and Taranis business systems and data. This policy applies to all Taranis employees or contractors working on behalf of Taranis.
Taranis business systems include:
Mail (Google Suite)
Instant Messaging (Slack)
Business server logs
Storage
IT authentication
Helpdesk ticketing
CRM, Sales, Marketing
HR
Learning and Certification
Finance
Taranis websites
Knowledge Center
Taranis will define a reasonable retention schedule for all systems and data in use within the organization and will document them in the Data Retention Schedule.
Taranis maintains full control of the data stored through the Taranis SaaS service, including all acquired imagery, generated data and user-provided data, and has responsibility to determine the retention scheme for such data.
The Taranis terms of use specify that while using the Taranis services the customer agrees to share, provide, upload, import, transmit, post, or make accessible to Taranis certain customer data or software and any data which it shares with or makes available to its third party software solution providers.
Additionally, the customer grants Taranis a non-exclusive license to use, process, display, copy and store the customer data in order to provide its services. Customer further grants Taranis with full access to use the customer data for internal purposes of Taranis (including use of data for future product developments etc.).
All employees who create and use records and information are responsible for maintaining Taranis Records according to this Policy.
All levels of management within Taranis are responsible for ensuring compliance with this Policy within their respective group, region, or function.
They are responsible for ensuring that their employees know where to locate the current Data Retention Schedule and that hard copy and electronic files are kept, stored, or destroyed in compliance with this Policy.
Taranis will retain or destroy data files in compliance with the retention periods stated in the Data Retention Schedule.
The retention periods provided in the Data Retention Schedule are intended to be as short as possible to minimize the volume of Taranis Records while still complying with legal, contractual, and/or operational requirements. Records will be kept only for the period stated in the Schedule and will be destroyed or discarded at the stated retention period expiration.
Measures will be taken to ensure that the information can be accessed by authorized users during the retention period (both with respect to the information carrier and the readability of formats).
As data expires according to the Retention Schedule, the data will be deleted, shredded or otherwise destroyed in accordance with its classification and destruction requirements.
Overall responsibility for the disposal of data belongs to the R&D team.
The Taranis VP R&D is responsible for ensuring compliance with this policy and will assist with the protection of Taranis data.
Any employee found to willfully or intentionally violate this policy may be subject to disciplinary action, up to and including termination of employment.