Data Retention Policy

AiVRIC aligns retention to business need, regulatory requirements, and customer commitments. Content tagged as customer data follows the minimum necessary retention rules described in the Trust Center and our Privacy Policy.

• Customer scan data and telemetry: retention configurable per workspace; default periods align to SOC 2 evidence windows.
• Backups: retained per the Data Backups Overview and purged on schedule after verified rotation.
• Audit and security logs: kept to support forensic investigation and compliance attestations; see Logging & Monitoring.

Data subject rights and deletion workflows are handled in accordance with the Privacy Policy and the Data Processing Addendum when applicable.