Skip to main content
Contact

Data Retention & Destruction Policy

Purpose

BoboCorp (also referred to as “the Company” or “BoboCo LLC”) is committed to responsible data management in support of our mission to improve local data governance and build technology for public good. This policy outlines how BoboCorp collects, retains, and securely disposes of data used across our services, including but not limited to websites like bobocorp.dev and related platforms.

This policy should be read alongside our Privacy Policy, Terms of Use, and Cookie Policy.

Scope

This policy applies to all data collected, processed, or stored by BoboCorp across all systems and formats—digital or physical. It includes data related to users, customers, employees, contractors, vendors, and partners.

It is designed to comply with all applicable laws and regulations, including state and federal privacy laws and international standards like the EU General Data Protection Regulation (GDPR).

Reasons for Data Retention

We retain data only when necessary and for legitimate purposes, including:

  • Providing ongoing service to customers and users
  • Compliance with tax, employment, immigration, or contractual obligations
  • Fulfilling grant reporting or audit requirements
  • Security investigations or incidents
  • Preservation of intellectual property and research outputs
  • Legal defense or litigation
  • Improving products and services (where permitted)

Retention Guidelines

We follow the retention periods listed below unless otherwise required by law:

Data Type Retention Period
Website Visitor & Contact Data1 year from last interaction
Customer Accounts & Billing Info7 years post account closure
Employment & HR Records6 years after employment ends
Program or Project Data5 years after project completion
Legal/Contractual Documents7 years post-expiration
Audit Logs & Access Records1 year

Retention timelines may be extended for legal reasons, business needs, or ongoing investigations.

Data Duplication

To promote efficient storage and reduce security risks, BoboCorp minimizes unnecessary duplication of data. However, backups and business continuity requirements may require some replication.

Data Destruction

Once the retention period has expired, BoboCorp securely destroys data using industry-standard methods, such as secure digital wiping or physical shredding.

If an employee believes certain data should be preserved beyond its scheduled destruction, they must notify their manager and explain the business rationale.

Exceptions

Exceptions to this policy must be approved by BoboCorp's Director of Technology & Security in consultation with legal counsel. In the event of pending or active litigation, a legal hold may be issued, prohibiting destruction of relevant data until the hold is lifted.

Policy Review

This policy will be reviewed annually or as necessary based on changes to laws, regulations, or business practices.

Contact

For questions or requests regarding data retention or deletion, contact us at info@bobocorp.org.