Legal
Data Processing and Retention
This article describes how SysOS processes data on your behalf and how long it is kept. It is a general template for adaptation.
Roles
- You are the controller of the data in your workspace.
- We act as a processor, handling data per your instructions and our agreement.
Processing principles
- We process data only to provide the service.
- We apply appropriate technical and organizational safeguards.
- We use sub-processors only under contract and disclose them on request.
Retention periods
| Data type | Default retention |
|---|---|
| Active workspace records | While your account is active |
| Backups | Rolling short-term window |
| Audit and security logs | Limited period for security |
| Deleted records | Purged after a short grace window |
Deletion
- Deleting a record removes it from active use and schedules it for purge.
- Closing your account triggers deletion of workspace data after a grace period, subject to legal holds.
Backups
We take regular encrypted backups for disaster recovery. Backups age out automatically.
Data location
Data is processed on our cloud infrastructure with security controls appropriate to its sensitivity.