Data Retention Policy

Last Updated: May 19, 2025

This Data Retention Policy describes how Qevor Lamixu ("we," "us," or "our") retains, stores, and deletes personal data and other information collected through our online seminar platform and related services.

1. Purpose and Scope

This policy establishes consistent standards for the retention and deletion of data collected from users of our services. We retain data only as long as necessary to fulfill the purposes outlined in our Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

This policy applies to all personal data and non-personal information collected through:

Our website at qevorlamixu.com
Online seminar platforms and virtual classrooms
Communication channels including email, phone, WhatsApp, and Signal
Registration and enrollment systems
Discussion forums and interactive features

2. Data Categories and Retention Periods

2.1 Account and Registration Data

Data Type: Name, email address, phone number, contact preferences, password hashes, account settings

Retention Period: Duration of active account plus 3 years after account closure or last activity

Purpose: Provide access to services, communicate with users, maintain account security

2.2 Enrollment and Participation Records

Data Type: Seminar registrations, attendance records, participation history, completion certificates, learning progress

Retention Period: 7 years after seminar completion

Purpose: Maintain educational records, verify completion, support credential validation, improve course offerings

2.3 Payment and Billing Information

Data Type: Transaction records, payment receipts, billing addresses, invoice history

Retention Period: 7 years from transaction date

Purpose: Financial recordkeeping, tax compliance, fraud prevention, refund processing

Note: We do not store complete credit card numbers. Payment card data is processed through secure third-party payment processors.

2.4 Communication Records

Data Type: Email correspondence, support tickets, chat messages, phone call logs, WhatsApp and Signal communications

Retention Period: 3 years from last communication

Purpose: Customer support, dispute resolution, service improvement, quality assurance

2.5 Discussion and User-Generated Content

Data Type: Forum posts, comments, discussion contributions, shared materials, peer feedback

Retention Period: Duration of active account plus 2 years, or indefinitely if content is essential to ongoing discussions

Purpose: Maintain educational dialogue continuity, support collaborative learning environment

2.6 Technical and Usage Data

Data Type: IP addresses, browser information, device identifiers, access logs, page views, session data, cookies

Retention Period: 18 months from collection date

Purpose: Security monitoring, fraud detection, website optimization, technical troubleshooting

2.7 Marketing and Promotional Data

Data Type: Email subscription lists, communication preferences, promotional engagement metrics

Retention Period: Until user unsubscribes plus 30 days, or 3 years of inactivity

Purpose: Send educational updates, seminar announcements, promotional materials

2.8 Analytics and Aggregated Data

Data Type: Anonymized usage statistics, performance metrics, aggregated demographic information

Retention Period: Indefinitely, as data cannot be linked to individuals

Purpose: Business intelligence, service improvement, trend analysis

3. Extended Retention Circumstances

We may retain data beyond standard retention periods when:

Required by applicable laws, regulations, or legal obligations
Necessary for ongoing legal proceedings, investigations, or audits
Essential for enforcing our terms of service or other agreements
Required to protect our rights, property, or safety, or those of others
Needed to resolve disputes or claims
User has provided explicit consent for extended retention

When extended retention applies, we will document the reason and review the necessity annually.

4. Data Deletion Procedures

4.1 Automatic Deletion

Our systems automatically flag data for deletion when retention periods expire. Deletion occurs through scheduled processes that:

Permanently remove data from active databases
Delete data from backup systems within 90 days of flagging
Overwrite storage locations to prevent recovery
Remove data from third-party systems where technically feasible

4.2 User-Requested Deletion

Users may request deletion of their personal data by contacting us at info@qevorlamixu.com or through our contact channels. Upon verification of identity, we will:

Process deletion requests within 30 days
Permanently delete requested data unless retention is legally required
Provide confirmation of deletion upon completion
Maintain minimal records of the deletion request itself for compliance purposes

4.3 Account Closure

When users close their accounts:

Account access is immediately disabled
Personal identifiers are removed from public-facing content within 7 days
Complete data deletion follows retention schedules outlined above
Some anonymized data may be retained for analytics purposes

5. Data Storage and Security

5.1 Storage Locations

Data is stored in secure facilities with appropriate physical and technical safeguards. Storage locations are selected based on:

Security infrastructure quality
Regulatory compliance capabilities
Service reliability and redundancy
Data protection standards

5.2 Security During Retention

Throughout the retention period, we maintain security measures including:

Encryption of data in transit and at rest
Access controls limiting data to authorized personnel
Regular security audits and vulnerability assessments
Intrusion detection and monitoring systems
Secure backup and disaster recovery procedures

5.3 Third-Party Storage

When third-party service providers store data on our behalf, we ensure they:

Maintain equivalent data protection standards
Comply with our retention requirements
Delete data upon contract termination
Provide audit capabilities and transparency

6. Inactive Account Management

6.1 Inactivity Definition

An account is considered inactive when there has been no login or engagement for 24 consecutive months.

6.2 Notification Process

Before deleting inactive accounts, we will:

Send initial notification at 18 months of inactivity
Send final warning at 22 months of inactivity
Provide 60-day grace period to reactivate account
Proceed with deletion if no response is received

6.3 Reactivation

Users may reactivate inactive accounts by logging in before the deletion date. Reactivation resets the inactivity timer.

7. Backup Data Management

We maintain backup copies of data for disaster recovery purposes. Backup retention follows these principles:

Backups are encrypted and stored securely
Backup data is retained for 90 days maximum
Deleted data is removed from backups during regular backup cycles
Backup restoration only occurs for legitimate recovery needs
Backups are not used to circumvent retention policies

8. Special Categories of Data

8.1 Sensitive Personal Data

If we collect sensitive personal data, we apply enhanced protection and shorter retention periods unless longer retention is specifically required.

8.2 Children's Data

Data of users under 18 years of age is subject to stricter retention limits and is deleted within 1 year of account closure or reaching age of majority, whichever comes first, unless parental consent specifies otherwise.

8.3 Employment and Application Data

Information from job applicants or employment candidates is retained for 2 years from application date unless the individual is hired.

9. Data Retention Review

We conduct regular reviews of our data retention practices:

Annual audit of retention periods and compliance
Quarterly review of deletion processes and effectiveness
Assessment of legal and regulatory changes affecting retention
Evaluation of data minimization opportunities
Updates to retention schedules as necessary

10. Your Rights Regarding Data Retention

You have the following rights related to how we retain your data:

Right to Access: Request information about what data we hold and retention periods
Right to Deletion: Request earlier deletion of your data subject to legal limitations
Right to Restriction: Request limitation of processing during retention period
Right to Object: Object to retention of data for specific purposes
Right to Data Portability: Receive your data in structured format before deletion

To exercise these rights, contact us using the information provided below.

11. Legal and Regulatory Compliance

Our retention practices are designed to comply with various legal requirements, including:

Tax and financial reporting obligations
Employment and labor law requirements
Consumer protection regulations
Educational recordkeeping standards
Data protection and privacy laws
Electronic communications regulations

When laws conflict, we apply the strictest standard or seek legal guidance.

12. Data Breach and Incident Response

In the event of a data breach affecting retained data:

We will assess the scope and impact immediately
Affected individuals will be notified as required by law
Compromised data may be deleted earlier than scheduled if security cannot be restored
We will document the incident and review retention practices

13. Business Transfers

If we are involved in a merger, acquisition, or sale of assets:

Data retention obligations transfer to the successor entity
Users will be notified of any changes to retention practices
Existing retention commitments will be honored
Users may request deletion before transfer is completed

14. Exceptions and Special Circumstances

14.1 Research and Education

Anonymized data used for educational research may be retained indefinitely for academic purposes.

14.2 Public Content

Content you have made publicly available may be retained longer to maintain the integrity of public discussions and educational resources.

14.3 Fraud Prevention

Data related to fraud, abuse, or security incidents may be retained longer to protect our services and users.

15. Contact Information

For questions about our data retention practices or to exercise your rights, please contact us:

Qevor Lamixu
Darnytskyi Blvd, 1а
Kyiv, Ukraine, 02000

Email: info@qevorlamixu.com
Phone: +380509150909
WhatsApp: https://wa.me/380509150909
Signal: https://signal.me/#p/+380509150909

16. Policy Updates

We may update this Data Retention Policy periodically to reflect:

Changes in legal or regulatory requirements
Evolution of our services and data practices
Technological improvements in data management
Feedback from users and stakeholders

When we make material changes:

The "Last Updated" date will be revised
Registered users will be notified via email
Notice will be posted on our website
Previous versions will be archived for reference

Continued use of our services after policy updates constitutes acceptance of the revised retention practices.

This policy is effective as of the last updated date shown above and applies to all data collected on or after that date. Data collected before this date remains subject to the retention policy in effect at the time of collection, unless we obtain your consent for new terms.