Under data protection rules, you should not retain personal data for longer than necessary, so we recommend that you review and clean up your Impact Stack data on a regular basis.
When to expire data is up to you as the data controller; there’s no way for us to know when the purpose of a petition or other form has been fulfilled. But we have scripts which will allow us to expire data on request.
Rather than deleting data, we expire it for you. This means that the record will continue to exist in Impact Stack, so that any counters or analytics continue to work and your overall supporter numbers won't change, but all personally identifiable data will be gone. This means you can still access general information on eg which payment methods were most popular, which action, or version of an action, had the most submissions, but you are not retaining personal data.
We have scripts to expire the following:
1/ Contact data without (email OR phone OR post) opt-in. The country, the supporter tags and, if applicable, the MP data will be kept,
2/ Comment fields in all webform submissions,
3/ Bank details in webform submissions (via Direct Debit),
4/ All submitted data on specific webforms by node ID.
Data expiry process
We'll work through your requirements so that we're all clear about which data should be expired. You'll need to think about:
- Which sets of data do you want to expire, based on the list above?
- Where relevant (data sets 2 to 4), for which time frame should the data be kept? In other words, what is the date of the oldest data you would like to keep?
- For webform data (set 4), which nodes do you want to expire?
- If you're expiring supporter records (set 1) will you need to synchronise post, phone or email opt-ins from another tool (CRM, email marketing tool, etc) before the data expiry? (This will require additional support time)
- Is there anything else you would like us to consider?
We can help you work out what’s needed - just contact firstname.lastname@example.org.
A supporter may contact you and request for their data to be deleted. It is possible to delete individual supporter records or webform submissions within the Impact Stack interface. However, we recommend contacting support to ask us to carry out this task for you - that way we can keep an (anonymised) list of records which are not to be restored in case we ever need to restore your database from backups, and make sure that the record isn't recreated in error. Back ups are retained for six months, after which they are deleted.