1. Purpose
This Data Retention & Erasure Policy ("Policy") defines the periods for which Glianomics Pvt Ltd retains personal data collected through the TRACKT platform, the triggers for deletion, and the process by which users may request erasure of their data.
This Policy is consistent with:
- Digital Personal Data Protection Act 2023 ("DPDP Act") §8(7) — deletion obligation when purpose is no longer served
- Digital Personal Data Protection Rules 2025 ("DPDP Rules") — data fiduciary obligations
- IT (SPDI) Rules 2011 — data not to be retained longer than necessary
- GDPR Article 5(1)(e) — storage limitation principle (EU users)
- Consumer Protection Act 2019 — reasonable data handling obligations
This Policy should be read together with the TRACKT Privacy Policy v2.2 and Terms of Use v2.2. The summary retention table in Privacy Policy §8 reflects this Policy.
2. Core Principles
2.1 Purpose Limitation
Personal data is retained only for as long as it is necessary to fulfil the purpose for which it was collected, to comply with a legal obligation, or to defend against a legal claim.
2.2 Storage Limitation
Once the retention period expires, or once the purpose for which the data was collected is no longer being served, the data will be securely deleted or anonymised.
2.3 Data Minimisation
Glianomics retains only the minimum data necessary for each stated purpose.
2.4 Legal Hold
Where data is subject to a legal hold (active litigation, regulatory investigation, or court order), the standard retention periods are suspended until the hold is lifted.
3. Retention Schedule by Data Category
| Data Category | Retention Period | Storage Type | Deletion Trigger |
|---|---|---|---|
| Account data (name, email, profile) | Duration of active account + reasonable period after deletion request | Active | Account deletion or erasure request |
| Health and SPDI data (weight, medication logs, behavioral data) | Duration of active account + reasonable period after deletion request | Active with access controls | Account deletion or erasure request |
| AI interaction logs and nudge history | Up to 30 days in active storage; up to 12 months in archived storage | Active then archived | End of retention period or erasure request |
| Device and system data | In accordance with data minimisation schedule | Active | Automatic expiry |
| Usage and interaction patterns | Up to 30 days active; up to 12 months archived | Active then archived | End of retention period or erasure request |
| Inferred and derived data (CE Scores, Habit Scores, Metabolic Scores) | Duration of active account + reasonable period after deletion request | Active | Account deletion or erasure request |
| Third-party integration data (Apple Health, wearables) | Same as source data category | Active | Account deletion or erasure request |
| Support and communication records | 12 months from last communication | Active | Automatic expiry or erasure request |
| Grievance and complaint records | 36 months (3 years) from closure | Archive | Automatic expiry (civil limitation period) |
| Billing and payment records | 7 years | Archive | Legal obligation (tax and accounting law) |
| Security and audit logs | In accordance with Internal Security & Data Protection Policy (minimum: CERT-In mandated period) | Secure archive | Automatic expiry; incident logs retained 36 months |
| De-identified aggregate data (research opt-in users only) | May be retained beyond standard periods | Research database | N/A — cannot be re-identified; no erasure obligation |
| Backup copies | In accordance with backup lifecycle schedule | Encrypted backup storage | Automated lifecycle expiry |
4. Active Account Data — Retention During Use
While your account is active, Glianomics retains the data necessary to deliver the Service. Within the active account period, the following sub-rules apply:
4.1 Hot/Cold Data Separation
- "Hot" data (actively used for personalisation and wellness features): retained for the period of active use within the account
- "Cold" data (archived for continuity and compliance): retained for up to 12 months from archival date
- Total maximum retention for operational data: approximately 12 months from last interaction, after which data is deleted or anonymised
4.2 Inactivity
If your account is inactive for more than 12 consecutive months, Glianomics will send a notification to your registered email address asking you to confirm continued use. If no response is received within 30 days of that notice, your account will be marked for deletion and your data queued for erasure within the next scheduled deletion cycle.
5. Account Deletion and Erasure
5.1 How to Delete Your Account
You may delete your TRACKT account at any time through:
- In-app: Settings → Account → Delete Account
- Email request to: privacy@glianomics.com
5.2 Deletion Process
Upon receipt of a deletion request:
| Step | Action |
|---|---|
| Acknowledgment | Confirmation sent to your registered email without undue delay |
| Verification | Identity verified against registered account details |
| Account deactivation | Account access disabled; data removed from active processing systems |
| Personal data deletion | Personal data deleted from active and archived storage within 30 days of verification |
| Backup purge | Personal data removed from backup systems at next scheduled backup rotation cycle |
| Confirmation | Deletion confirmation sent to your registered email on completion |
5.3 Exceptions to Deletion
The following data may be retained beyond the standard deletion timeline:
- Legal obligation data: Billing records (7 years for tax compliance), data subject to a court order or regulatory direction
- Legal hold data: Data required for active litigation or regulatory investigation — retained until the hold is lifted
- Grievance records: Complaint and grievance records retained for 3 years from closure (Limitation Act 1963)
- De-identified aggregate data: Data that has been genuinely anonymised and cannot be re-identified is not subject to erasure obligations
When an exception applies, Glianomics will notify you of the reason and the expected duration of retention.
6. Right to Erasure (Right to be Forgotten)
6.1 You have the right to request erasure of your personal data under:
- DPDP Act 2023 §12 (Right to Erasure)
- GDPR Article 17 (EU/EEA users)
6.2 Grounds for Erasure Request
You may request erasure when:
- The data is no longer necessary for the purpose for which it was collected
- You withdraw consent (where processing was based on consent) and there is no other legal basis
- You object to processing and there are no overriding legitimate grounds
- The data has been unlawfully processed
6.3 Response Timeline
Glianomics will respond to erasure requests within 30 days of identity verification. For complex requests (e.g., data held across multiple systems), this may be extended by a further 30 days with prior notice to you.
6.4 Partial Erasure
Where some but not all data can be erased (due to legal hold or obligation exceptions), Glianomics will erase all data that can be erased and notify you of the categories retained and the reason.
7. Data Portability
7.1 GDPR users (EU/EEA) have the right to receive a copy of their personal data in a structured, commonly used, machine-readable format under GDPR Article 20.
7.2 India users may request a copy of their personal data under DPDP Act §11.
7.3 To request a data export, contact privacy@glianomics.com. Exports will be provided within 30 days in JSON or CSV format as appropriate to the data type.
8. Backup and Archive Management
8.1 Backup copies of data are retained in accordance with our backup lifecycle schedule. Backups are stored in encrypted storage separate from the primary data region and are not accessible for day-to-day processing.
8.2 Personal data subject to a deletion or erasure request will be removed from active and archived systems within 30 days of verification. Removal from backup systems will occur at the next scheduled backup rotation cycle following the 30-day active deletion window.
8.3 Backup data is used solely for disaster recovery purposes.
9. De-identified and Anonymised Data
9.1 Data that has been genuinely de-identified or anonymised to a standard where re-identification is not reasonably possible is not considered personal data and is not subject to this Policy's retention limits.
9.2 The de-identification standard applied by Glianomics is defined in and governed by the Internal Security & Data Protection Policy. This standard is reviewed annually. Any data asserted to be de-identified for research purposes must meet the standard documented therein before being transferred to the research data environment.
9.3 De-identified aggregate data retained for research purposes is subject to internal data governance controls maintained by the Glianomics data team. Glianomics will ensure appropriate governance arrangements are in place before entering into any external research partnerships or data sharing arrangements.
10. Legal Hold Procedure
10.1 Where Glianomics receives a court order, regulatory direction, or anticipates litigation requiring preservation of specific data, a Legal Hold Notice will be issued internally.
10.2 Data subject to a Legal Hold will be:
- (a) preserved in its current state
- (b) excluded from standard deletion cycles
- (c) accessible only to authorised legal and compliance personnel
- (d) logged in the Legal Hold Register
10.3 Legal Holds will be reviewed every 6 months. When a hold is lifted, standard retention and deletion procedures will resume.
11. Policy Review and Updates
This Policy will be reviewed annually and updated as required by changes in regulatory requirements, product architecture, data processing activities, or retention best practices. Material changes to this Policy will be communicated to users in accordance with §14 of the Privacy Policy.
12. Contact
For questions about data retention, erasure requests, or data portability:
Privacy Queries: privacy@glianomics.com
Grievance Officer: grievance@glianomics.com
Entity: Glianomics Pvt Ltd, 21/1306 (2), SOMAN NAGAR, Karamana, Thiruvananthapuram-695002, Kerala, India
Response: We will respond to verified requests within 30 days