GleamConnect logoGLEAMCONNECT

GleamConnect Data Retention, Deletion, and Archive Policy

Effective date: 18 April 2026Version: retention-archive-policy-2026-04-18Policy describing how GleamConnect handles active data, deletion, restricted archive, and legal hold states.

GleamConnect Data Retention, Deletion, and Archive Policy

Provider: Gleam Connect Ltd
Company number: [insert after incorporation]
Registered office: [insert registered office]
Country of incorporation: Ireland
Primary contacts: legal@gleamconnect.com | privacy@gleamconnect.com | support@gleamconnect.com
Last updated: 18 April 2026
Status: Draft legal pack for implementation and external solicitor review before production launch

This policy explains how GleamConnect handles data lifecycle events across active data, restricted archive, legal hold, and final deletion.

1. Core principles

GleamConnect follows these principles:

  • retain no more active data than reasonably necessary;
  • distinguish active operational data from restricted archive data;
  • do not treat “delete” as a promise of immediate destruction in every case;
  • use archive retention transparently and only for legitimate legal, security, compliance, and integrity purposes;
  • maintain a chain of custody for evidence-grade records.

2. Data states

2.1 Active

Operationally usable data visible in normal product flows.

2.2 Restricted / archived

Data removed from normal workflows, hidden from ordinary use, and retained in a controlled archive for legal, security, integrity, and dispute-resolution purposes.

2.3 Legal hold

Data frozen from deletion because of actual or anticipated litigation, complaint, regulator request, insurer involvement, fraud review, or other formal dispute.

2.4 Purged

Data permanently deleted or irreversibly anonymised once lawful retention no longer applies.

3. Default retention approach

3.1 Subscription, billing, finance, and tax records

Retained for the period required by accounting, tax, and audit obligations.

3.2 Security logs and audit trails

Retained for as long as reasonably necessary to maintain security, investigate incidents, prevent fraud, and defend claims.

3.3 Clinic-controlled patient and booking records

The clinic controls operational use of patient and booking records. However, GleamConnect may retain restricted archive copies of key records, including booking snapshots, intake PDFs, consent logs, archive requests, access logs, and evidence manifests.

3.4 Default archive baseline

Unless a longer period is required, the default restricted archive baseline in this policy is 6 years from the archival trigger.

This is a baseline, not a maximum. A longer period may apply where:

  • law or regulator guidance requires it;
  • insurer requirements apply;
  • the clinic documents a longer lawful retention requirement;
  • a legal hold is active;
  • a complaint, claim, investigation, or enforcement matter remains open.

4. What “delete” means in the services

When a clinic or user deletes data from active use, GleamConnect may:

  • remove it from standard interfaces;
  • stop using it for active workflows;
  • mark it archived or inactive;
  • maintain a restricted archive copy where lawful and necessary.

Deleted records are not secretly reused for ordinary operations.

5. Restricted archive controls

Archived records:

  • are not available in ordinary clinic interfaces;
  • are not reactivated casually;
  • are stored under tighter access controls;
  • are logged when accessed;
  • may be bundled into formal evidence exports;
  • may be preserved under legal hold.

6. Archive access

Clinics do not have direct self-service access to archived records. Access occurs only through the controlled request and review process described in the Archive Access, Legal Hold, and Evidence Request Policy.

7. Final deletion

Where no legal hold or other lawful retention basis remains, archived records are scheduled for final deletion or irreversible anonymisation after the applicable retention period.

8. User rights requests

Where a user requests deletion, GleamConnect and the relevant clinic will assess the request under applicable law. Erasure may be refused or limited where retention remains necessary for legal obligations, legal claims, fraud prevention, or archive integrity.

9. Versioning and evidence integrity

Where a restricted record is generated as part of an evidence-grade workflow, GleamConnect may preserve timestamps, manifests, hashes, signatures, and chain-of-custody information required to maintain evidential value.

10. Contact

Questions about retention or deletion can be sent to privacy@gleamconnect.com.