Data Retention Policy
Last updated: March 21, 2025
1. Why We Store Data
We collect and keep only the information needed to run Elpidan LEAD, deliver Instagram automation features, and support your account.
2. What We Store
- Account details: name, email, hashed password
- Instagram connection: IG user ID, access token
- Message data: incoming & outgoing DMs
- Automation settings: flows, rules, tags
- System logs: API requests, error traces
- Backups: encrypted database snapshots (used for disaster recovery only)
3. How Long We Keep It
- Account details: deleted 90 days after your last login or when you delete your account
- Instagram connection: deleted 30 days after you disconnect or token expires
- Message data: deleted after 30 days (default)
- Automation settings: until you remove the flow or 90 days after account deletion
- System logs: deleted after 60 days
- Backups: deleted after 30 days (old snapshots automatically purged)
Note: We may keep data longer if required by law (e.g., tax invoices). Otherwise, we delete on the schedule above.
4. How You Can Delete Your Data
- Self-service: Use the “Delete Account” button in Settings to remove your profile and all related data.
- Email request: Contact us at privacy@elpidan.com and we’ll erase your data within 30 days.
5. How We Protect Data
- All traffic is encrypted (HTTPS).
- Databases and backups are encrypted at rest.
- Access is limited to staff who need it to operate the service.
6. Contact
Questions about this policy? Email privacy@elpidan.com
This policy is reviewed annually. Material changes will be announced via the app or email and take effect upon posting.