Data retention and account deletion
Overview
FTE Tree follows a structured data lifecycle to protect your information while meeting compliance and retention requirements. This article explains what happens to your organization's data when a subscription ends, how long data is retained, and how permanent deletion works.
Access needed
| Activity | Access needed |
|---|---|
| Review retention policy | Active organization membership |
| Request deletion or legal-hold assistance | Organization owner, billing administrator, or other authorized requester |
| Review Activity history retention | View audit events or Export audit evidence |
| Access setup | See Permissions and roles. |
When a subscription ends
When your subscription is cancelled or expires, your organization enters a 90-day grace period. During this period:
- All of your data (positions, employees, departments, approval history, etc.) is fully preserved.
- Access to FTE Tree is restricted until the subscription is renewed.
- You can resubscribe at any time during the grace period to restore full access with all data intact.
If no action is taken within the 90-day grace period, your organization becomes eligible for data anonymization.
Data anonymization
After the grace period, FTE Tree reviews your organization's status and confirms that data removal should proceed. Once confirmed, the following occurs:
- Workspace data is permanently deleted: positions, employees, departments, job codes, approval requests, reports, messages, uploaded files, and all associated records.
- Activity and audit records are anonymized: event dates and types are preserved, but personally identifiable information such as names, descriptions, and notes is removed.
- Billing records are anonymized: a billing account reference is preserved for dispute resolution, but all contact information, addresses, and payment details are removed.
- A minimal organization record is preserved: only anonymized information needed for compliance and account history is retained.
This process is irreversible. Once anonymization is complete, your workspace data cannot be recovered.
Retention of anonymized records
Anonymized activity and billing records are retained for approximately 7 years after anonymization to meet financial record-keeping and compliance obligations. During this retention period:
- No personally identifiable information is stored.
- Only anonymized event details and the billing account reference remain.
- These records cannot be used to identify any individual.
After the 7-year retention period, the anonymized records and minimal organization record are permanently deleted.
Activity and security record retention
FTE Tree keeps different types of audit and history records for different lengths of time:
-
Activity history such as position changes, approval actions, user updates, and other business-history entries is retained for the lifetime of your organization's account. These records appear in Activity history pages and are available for reporting when your permissions allow it.
-
Security and account activity records such as sign-ins and access-related events are retained for 730 days and may be periodically cleaned up after that period.
-
Notification delivery records such as email delivery outcomes are retained for 90 days and may be periodically cleaned up after that period.
These records are subject to the anonymization process described above when a subscription ends and the grace period expires.
Report data retention
Generated reports, along with any attached files, are automatically deleted after the report retention period. Reports that are pending or currently running are never deleted by this process.
Workspace summaries and saved report views remain with your organization's data until changed by an authorized user or removed through account deletion.
Legal holds
In certain situations (such as pending litigation or regulatory investigations), your organization may be placed under a Legal hold. While a legal hold is active:
- Data anonymization is blocked, regardless of subscription status or grace period.
- Permanent deletion is blocked, even if the retention period has passed.
- All data is preserved in its existing state until the hold is lifted.
Legal holds are handled by FTE Tree after a verified request and are typically applied at the request of legal counsel.
Requesting immediate deletion
If you need your organization's data removed before the standard grace period, contact us or email support@ftetree.com. FTE Tree can expedite the anonymization process after verifying the request.
Summary
| Stage | Timeframe | What happens |
|---|---|---|
| Subscription active | Ongoing | Full access, all data preserved |
| Grace period | 90 days after subscription ends | Data preserved, access restricted, resubscription restores access |
| Anonymization | After grace period + FTE Tree confirmation | Operational data deleted, personal information removed, minimal account record retained |
| Retention | ~7 years after anonymization | Anonymized records preserved for compliance |
| Backup copies | 90 days rolling | Encrypted daily backups, auto-deleted after retention period |
| Permanent deletion | After retention period | All records permanently removed |