Retention
Data Retention Schedule
A plain-language summary of how long Palindrome keeps major categories of data.
Effective date: May 22, 2026
Purpose-Based Retention
Palindrome keeps data for the period needed to provide the service, support reporting and audit needs, maintain security, meet legal obligations, resolve disputes, and preserve deletion proof.
The product posture is to retain useful ESG evidence while reducing unnecessary identity exposure over time.
Retention controls are Admin-reviewed. Export packages, legal holds, manual overrides, evidence cleanup, and deletion-safe audit events support the workflow, but they are not a replacement for a customer's own PDPA program.
Backup And Storage Limits
The current Supabase project is hosted in Singapore (`ap-southeast-1`), outside Malaysia. Database backups may retain database rows for the provider backup window after live deletion or anonymization.
Supabase database backups contain Storage metadata, not the actual Storage files. Storage files need separate object backup or migration handling, and a database restore does not bring back objects that were deleted from Storage after the backup.
Retention Summary
| Data type | Retention approach |
|---|---|
| Account data | Kept while the account is active. Deleted or anonymized after termination unless needed for security, billing, legal, audit, or deletion proof. |
| Organization profile data | Kept while the customer workspace is active. Included in the 30-day export window. Deleted or anonymized after the export window unless a lawful retention reason or legal hold applies. |
| ESG and governance records | Kept while needed for reporting, audit, tenders, certification, customer packs, legal obligations, or business records. The planning assumption is a 7-year reporting/business-record window where appropriate. |
| HR and worker personal data | Kept only while needed for the customer ESG, HR, compliance, reporting, legal, or evidence purpose. Direct identifiers should be minimized, masked, anonymized, or deleted when no longer needed. |
| Storage evidence files | Policy documents are currently uploaded to the public `policy-documents` Supabase Storage bucket and tracked for cleanup. Storage files are kept while they support an active record, report, certification, customer pack, audit window, or legal hold, and deleted with the related record or workspace where appropriate. |
| Import files | Uploaded spreadsheet files are not retained by default after parsing. Import metadata may be retained. |
| Audit logs | Accountability metadata may be retained. Sensitive old/new values should be redacted after the relevant retention, deletion, or anonymization event unless legal hold applies. |
| Generated reports | Kept while needed for reporting, audit, customer requests, or business records. Included in termination export. |
| Public report share links | Expire by default after 90 days and may be revoked by Admins. |
| Deletion, anonymization, and minimization requests | Admins can generate an export package, observe the 30-day export window, record legal holds, and execute deletion/anonymization only through the reviewed retention workflow. |
| Database backups | Database rows may remain recoverable in Supabase database backups until the provider backup window expires. Database backups include Storage metadata but not Storage files. |
| Support and privacy requests | Kept while needed to resolve the request and prove handling, then minimized where appropriate. |
Contact
For legal, privacy, or data-rights questions, contact privacy@palindrome.my.