Data Retention Policy

How long we keep your data and why — transparent by design

SafeClass Shield · Last Updated: June 1, 2026

FERPA AlignedCOPPA CompliantGDPR Art. 5(e)ISO 27001 A.8.10
SafeClass Shield retains personal data only for as long as necessary to provide our services, meet legal obligations, and resolve disputes. This policy defines specific retention periods for every category of data we collect.

1. Retention Principles

We apply the following principles to all data retention decisions:

  • Data Minimization — we collect only what is needed for the stated purpose
  • Storage Limitation — data is automatically deleted at the end of its retention period
  • Purpose Limitation — data retained for one purpose is not repurposed without consent
  • Accuracy — outdated data is updated or deleted on an ongoing basis
  • Transparency — all retention periods are documented in this policy and communicated to users

2. Retention Schedule

The following table defines retention periods for each data category:

Data CategoryData TypesRetention PeriodLegal Basis
Parent Account DataName, email, hashed password, billing infoDuration of account + 90 daysContractual necessity
Child Profile DataDisplay name, linked devices, school IDsDuration of account + 90 daysParental consent / COPPA
Device Activity LogsDomains visited, blocked/allowed status12 monthsLegitimate interest (safety)
LMS / Assignment DataCourse names, assignment status, gradesActive sync only — deleted on disconnectContractual / parental consent
AI Classification LogsConfidence scores, model version, category24 months (audit/bias review)Legitimate interest (safety AI)
Admin Audit LogsAdmin actions, timestamps, IP addresses730 days (2 years)Legal / SOC 2 compliance
Support TicketsName, email, message content3 yearsLegitimate interest (service quality)
Payment RecordsTransaction IDs, subscription history7 yearsLegal / tax compliance
Security LogsLogin attempts, failed auth, IP history90 daysSecurity / fraud prevention
Compliance ReportsReport requests (org name, email, role)3 yearsLegitimate interest
Backup CopiesAll categories above30 days from backup dateBusiness continuity

3. Children's Data — Special Protections

Children's data receives the most protective retention treatment on our platform.
  • Device activity logs for children are purged after 12 months regardless of account status
  • If an account becomes inactive for 12 months with no login, all child data is automatically scheduled for deletion
  • Parents receive a 30-day advance email notice before any automatic data purge
  • Parents may request immediate deletion at any time — processed within 30 days
  • Deleted child data is removed from all production systems within 30 days and from backup systems within 90 days
  • No child data is retained beyond account deletion except where legally required

4. Deletion Procedures

Automatic Deletion: Our systems perform automated deletion runs weekly. Data past its retention date is flagged, reviewed by our DPO, and permanently deleted using NIST SP 800-88 compliant methods.

Manual Deletion Requests:

  • Submit a deletion request to privacy@safeclassshield.com
  • We will verify your identity within 2 business days
  • All personal data will be deleted from production systems within 30 days
  • Backup copies will be purged in the next scheduled backup rotation (max 90 days)
  • A deletion certificate will be provided upon request
Note: Some data may be retained beyond the deletion request if required by law (e.g., tax records — 7 years; legal holds). We will inform you of any such retention.

5. Legal Holds

Retention periods may be extended if:

  • Data is subject to an active legal hold or litigation preservation obligation
  • A regulatory investigation requires data preservation
  • A court order mandates retention
  • An active insurance claim involves the data

Legal holds are managed by our legal team and do not affect data not subject to the hold.

6. International Data Transfers

SafeClass Shield primarily stores data in the United States (AWS US-East). If we transfer data internationally:

  • EU/EEA transfers are covered by Standard Contractual Clauses (SCCs) under GDPR
  • We apply the same retention periods regardless of where data is stored
  • Sub-processors are contractually bound to our retention standards
  • Cross-border transfers are documented in our Records of Processing Activities

7. Requesting Your Data or Deletion

Data Access
Request a full export of all data held about you
privacy@safeclassshield.com
Data Deletion
Request permanent deletion of your account and all associated data
privacy@safeclassshield.com
Retention Questions
Ask about specific data categories or retention timelines
dpo@safeclassshield.com

Response within 5 business days. Deletion completed within 30 days.

Privacy PolicyTerms of ServiceDPAChildren ProtectionData RetentionIncident ResponseTrust Center
compliance@safeclassshield.com