Data Retention Policy
Last Updated: March 2026
1. Overview
SegmentOS is committed to retaining personal data only as long as necessary to provide our services and meet legal obligations. This Data Retention Policy explains how long we keep different types of data and our deletion processes.
This policy complies with GDPR, CCPA, and other applicable data protection regulations.
2. Data Retention Periods
The following table outlines our retention periods for different data types:
| Data Type | Retention Period | Reason |
|---|---|---|
| Customer Features and Segments Computed feature values, core tags, and semantic tags | Subscription duration | Required to provide segmentation, insights, and tag sync |
| Order Records Customer profile references, order and refund attributes | Subscription duration | Required for feature computation and segmentation rules |
| Tag Audit Logs Before/after tag snapshots and change metadata | 12 months rolling window | Supports observability, troubleshooting, and compliance review |
| Sync and Queue Metadata Job status, run history, and retry metadata | 90 days | Required to monitor and ensure reliable background processing |
| Session Tokens OAuth access tokens | 30 days (or until refresh) | Authentication and API access |
| Encrypted Backups Database and operational backups | 30 days | Disaster recovery and data loss prevention |
| Uninstalled Shop Data All shop data after app uninstallation | 48 hours | GDPR compliance (grace period for accidental uninstalls) |
3. Automatic Deletion Processes
3.1 Analytics Data (90 Days)
Queue and sync operational records older than 90 days are periodically reviewed and removed. This helps us maintain reliability without retaining technical logs longer than necessary.
3.2 App Uninstallation (48 Hours)
When a merchant uninstalls SegmentOS:
- All application records are deleted from primary storage
- All customer feature and tag data is removed
- Process completes within 48 hours of uninstallation
- Backups are purged within 30 days
3.3 Backup Rotation (30 Days)
Encrypted backups are retained for 30 days for disaster recovery purposes, then permanently deleted. Backup retention follows the same retention rules as primary data.
4. Manual Deletion Requests
4.1 Customer Data Requests
Customers can request deletion of their personal data by contacting:
- The merchant (store owner) directly
- SegmentOS support at vellir.tech@gmail.com
We will process deletion requests within 30 days in accordance with GDPR requirements.
4.2 Merchant Data Requests
Merchants can delete their data at any time by:
- Removing synced tags and segment data through the app
- Adjusting segmentation settings to stop optional processing
- Uninstalling the app (deletes all data)
5. Legal Retention Requirements
In certain circumstances, we may be required to retain data for longer periods due to:
- Legal or regulatory obligations
- Ongoing legal proceedings or investigations
- Tax or accounting requirements
- Fraud prevention and security
When legal requirements conflict with retention policies, we will retain data only as long as legally required and notify affected parties when possible.
6. Data Anonymization
For analytics data that must be retained for business purposes, we may anonymize personal identifiers while preserving aggregate statistics. Anonymized data:
- Cannot be linked back to individual customers
- Uses hashed identifiers instead of real data
- May be retained beyond standard retention periods
7. Secure Deletion Methods
When data is deleted, we employ the following methods:
- Application Records: Permanent deletion from primary data stores
- Database Records: Hard deletion from PostgreSQL (not just soft deletion)
- Backups: Complete removal from backup systems
- Encryption Keys: Destruction of encryption keys for encrypted data
Deleted data cannot be recovered once the deletion process is complete.
8. Retention Policy Updates
We may update this Data Retention Policy to reflect changes in legal requirements, business practices, or service improvements. Updates will be posted on this page with a revised "Last Updated" date.
Material changes will be communicated to merchants via email or in-app notifications.
9. Contact Information
If you have questions about our data retention practices or want to request deletion of your data, please contact us: