Data Retention Policy

Last Updated: January 10, 2025

This Data Retention Policy explains how Nipaxer retains, stores, and deletes personal data and other information collected through our services. This policy applies to all users of nipaxer.com and related services.

Purpose and Scope

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. This policy outlines the retention periods for different categories of data.

Categories of Data and Retention Periods

Account Information

Personal data associated with user accounts, including names, email addresses, and profile information, is retained for the duration of the active account plus an additional period as described below:

• Active accounts: Data retained while account remains active and in good standing
• Inactive accounts: Data retained for 24 months following last login or activity
• Closed accounts: Data retained for 90 days after voluntary account closure, then permanently deleted
• Suspended accounts: Data retained for 36 months or until legal matters are resolved

Learning and Course Data

Information related to course enrollment, progress, completion, and learning activities:

• Course progress and completion records: Retained for 5 years after course completion
• Submitted assignments and assessments: Retained for 3 years after submission
• Course certificates and credentials: Retained indefinitely or until user requests deletion
• Learning preferences and settings: Retained while account is active

Communication Records

Records of communications between users and our platform:

• Email correspondence: Retained for 3 years from date of last message
• Support tickets and inquiries: Retained for 5 years after ticket closure
• Chat logs and messages: Retained for 12 months after conversation
• Notification history: Retained for 6 months from delivery date

Payment and Transaction Data

Financial records and transaction history:

• Payment transaction records: Retained for 7 years to comply with financial regulations
• Billing information: Retained while account is active plus 7 years
• Refund records: Retained for 7 years from transaction date
• Invoice history: Retained for 7 years from issue date

Technical and Usage Data

Information collected automatically through platform usage:

• Access logs and IP addresses: Retained for 12 months
• Device information and browser data: Retained for 18 months
• Cookies and similar technologies: Retained according to cookie policy, typically 12 months
• Analytics data: Aggregated data retained indefinitely; individual data retained for 24 months

Security and Fraud Prevention Data

Information collected for security purposes:

• Security incident logs: Retained for 5 years
• Fraud detection records: Retained for 7 years
• Authentication logs: Retained for 18 months
• Abuse reports: Retained for 5 years or until legal matters are resolved

Legal and Compliance Retention

Certain data may be retained longer than specified periods when required by law or to establish, exercise, or defend legal claims:

• Data subject to legal hold: Retained until legal matter concludes
• Data required by regulatory authorities: Retained according to applicable laws
• Data involved in disputes or litigation: Retained until final resolution
• Data subject to tax or accounting requirements: Retained for 7 years minimum

Data Deletion Process

Automatic Deletion

When retention periods expire, data is automatically scheduled for deletion through our secure data disposal process. Deletion occurs within 90 days of retention period expiration unless legal obligations require longer retention.

Secure Disposal Methods

We employ industry-standard methods to ensure permanent deletion:

• Overwriting data multiple times before deletion
• Cryptographic erasure of encryption keys
• Physical destruction of hardware containing irretrievable data
• Verification procedures to confirm complete deletion

Backup Systems

Data in backup systems is deleted according to backup rotation schedules, typically within 90 days of deletion from production systems. Backup deletion follows the same secure disposal methods.

User-Initiated Deletion

Users may request deletion of their personal data at any time, subject to legal obligations:

• Account deletion requests processed within 30 days
• Specific data deletion requests processed within 45 days
• Confirmation provided upon completion of deletion
• Some data may be retained longer if required by law

To request data deletion, contact us at contact@nipaxer.com or use the account settings interface.

Exceptions to Deletion

Certain data may be retained beyond standard periods in the following circumstances:

• Ongoing legal proceedings or investigations
• Unresolved disputes or claims
• Regulatory audits or examinations
• Contractual obligations requiring longer retention
• User consent for extended retention
• Legitimate business interests, such as fraud prevention

Anonymized and Aggregated Data

We may retain anonymized and aggregated data indefinitely for statistical analysis, research, and platform improvement. This data cannot be used to identify individual users and is not subject to retention limits or deletion requests.

Data Portability Before Deletion

Users may request a copy of their personal data before deletion. We provide data in commonly used, machine-readable formats within 30 days of request. This allows users to transfer data to other services if desired.

Third-Party Service Providers

Data shared with third-party service providers is governed by contractual agreements requiring similar retention and deletion practices. We ensure providers delete or return data when services are terminated or retention periods expire.

Changes to Retention Periods

We may update retention periods in response to:

• Changes in legal or regulatory requirements
• Business necessity or operational changes
• Technological improvements in data management
• User feedback and privacy best practices

Material changes to retention periods will be communicated through email notification or prominent platform notices at least 30 days before implementation.

Record Keeping

We maintain internal records documenting:

• Categories of data collected and processed
• Purposes for data collection
• Retention periods for each data category
• Deletion procedures and schedules
• Legal basis for retention

Data Protection Officer

Our Data Protection Officer oversees compliance with this retention policy and handles questions or concerns about data retention practices. Contact the Data Protection Officer at contact@nipaxer.com.

Audit and Compliance

We conduct regular internal audits to ensure compliance with this policy and verify that data retention and deletion procedures are properly implemented. Audit findings are reviewed and addressed promptly.

International Data Transfers

When data is transferred internationally, retention periods remain consistent across jurisdictions unless local laws require longer retention. We ensure transferred data is protected according to this policy regardless of location.

Contact Information

For questions, concerns, or requests regarding this Data Retention Policy, please contact us:

Nipaxer
Holovna St, 246
Chernivtsi, Chernivtsi Oblast
Ukraine, 58000
Email: contact@nipaxer.com
Phone: +380661770807

Policy Review

This Data Retention Policy is reviewed and updated annually or more frequently as needed to reflect changes in practices, technologies, or legal requirements. The last updated date at the top of this document indicates the most recent revision.