Data retention and deletion
How deletion, anonymization, retention review, and deletion exceptions work for GDPR and privacy reviews.
- Last reviewed
Data retention and deletion
Use this page when your team needs to understand what can be deleted, what may need extra review, and what to send us when deletion or retention affects your rollout.
Retention and deletion are related, but they are not the same request. A deletion request asks us to delete, anonymize, suppress, or restrict specific personal data after we verify who is asking and who controls the data. A retention review is broader: it helps decide whether a data class should be kept, minimized, redacted, derived, or deleted as the product changes.
What we support today
We support customer and respondent deletion requests through our privacy request process. Email hello@getuserfeedback.com with the request type, the email address or workspace involved, and any flow or survey context you already have.
Please do not send government IDs, passwords, payment details, or other sensitive documents in your first message. If we need extra verification, we'll ask for the smallest safe proof needed for the request.
For GDPR deletion requests, we aim to respond without undue delay and within one month unless the request is complex or the law allows a different timeline. See Privacy rights and requests for the intake details.
Some deletion work is manual today. That helps us avoid deleting the wrong person's data, coordinate respondent data controlled by a customer, and explain any exception before data is disclosed or removed.
What can be deleted or changed
Deletion depends on the data class and who controls it.
| Area | Typical handling |
|---|---|
| Account profile data | Correct, delete, or minimize account identity fields where the account and workspace state allow it. |
| Workspace configuration | Review with the workspace owner because configuration may belong to your team. |
| Respondent identity data | Delete, anonymize, suppress, or restrict after confirming the respondent and who controls the data. |
| Response content | Coordinate with the customer that collected the response when the customer controls how that data is used. |
| Delivery, email, and conversation data | Delete, redact, suppress, or retain limited delivery state depending on feature needs and legal exceptions. |
| Exports, support copies, logs, and generated analysis | Review manually because copies, logs, and derived analysis can have different retention or security requirements. |
When we no longer need raw identifiers for a product purpose, we prefer to minimize, hash, tokenize, redact, derive, or delete the data instead of keeping unnecessary personal data.
Deletion exceptions
Some data may need to be retained for a limited period or handled differently. Examples include:
- security, fraud prevention, abuse investigation, or service integrity records
- billing, tax, accounting, or contract records
- legal holds, disputes, or compliance obligations
- audit trails that prove a privacy request was received and fulfilled
- backups or operational copies that age out through a controlled lifecycle
- respondent data controlled by a customer where that customer must authorize or coordinate the action
If an exception applies, we record the reason and explain what we can still do, such as redaction, suppression, restriction, or delayed deletion.
What to send us
Tell us when deletion or retention requirements affect a workspace rollout, procurement review, or data processing agreement.
For the fastest review, include:
- the workspace or account covered by the requirement
- the data classes that need deletion, anonymization, or retention limits
- whether respondent data is controlled by your team, by one of your customers, or by another workspace owner
- whether exports, support copies, logs, analytics, email delivery, subprocessors, or AI-assisted workflows must be included
- any deadline or legal basis your team is working under
If your request is mainly about where data is stored or processed, see Data residency.
How we keep this current
When product storage, processing, exports, support workflows, or operational copies change, we review whether this page still matches what customers can expect.
If a change affects a deletion request or customer-specific retention requirement, we'll confirm what is covered, what needs separate review, and whether deletion, redaction, suppression, restriction, or delayed deletion is the right path.