Data Retention and Deletion Policy

Last updated: March 31, 2026

1. Introduction

This Data Retention and Deletion Policy explains how long we retain your data and how you can request deletion. This policy applies to all users of ScoutTrax, including youth members, parents/guardians, adult leaders, and unit administrators.

Your Right to Deletion:

  • You have the right to request deletion of your personal data
  • Parents can request deletion of their child's data
  • Some data may be retained for legal compliance (see below)

2. Data Retention Periods

2.1 Member Records

Active Member Records:

  • Retention Period: While member is active + 7 years after last activity
  • Includes: Advancement records, merit badges, ranks, leadership positions, event participation, service hours
  • Reason: Required for advancement tracking and historical records

Inactive Member Records:

  • Retention Period: 7 years after last activity
  • Definition: Member who has not logged in or had any activity for 12+ months
  • Reason: Historical records and potential re-engagement

Archived Member Records:

  • Retention Period: 7 years after archive date
  • Definition: Members who have left the unit or organization
  • Reason: Historical records and potential re-engagement

2.2 Financial Records

Account Balances and Transactions:

  • Retention Period: 7 years after last transaction
  • Includes: Account balances, payments, invoices, budget records
  • Reason: IRS requirement for financial record retention

Payment Provider Data (Stripe, PayPal):

  • Retention Period: Encrypted OAuth tokens retained while the connection is active; revoked and deleted when disconnected. Transaction records retained for 7 years.
  • Includes: Encrypted access/refresh tokens, account identifiers, payment and invoice records
  • Reason: Required for ongoing payment processing and IRS financial record retention

Bank Connection Data (Plaid):

  • Retention Period: Encrypted access tokens retained while the connection is active; revoked and deleted when disconnected. Imported transactions retained for 7 years.
  • Includes: Encrypted Plaid access tokens, account metadata (name, type, last four digits, institution), imported transaction history
  • Reason: Required for ongoing bank feed sync and IRS financial record retention

Financial Audit Logs:

  • Retention Period: 7 years
  • Includes: All financial transactions, modifications, and corrections
  • Reason: Financial audit and compliance requirements

2.3 User Account Information

Active User Accounts:

  • Retention Period: While account is active + 7 years after last login
  • Includes: Email, name, phone, preferences, authentication data
  • Reason: Account management and historical records

Inactive User Accounts:

  • Retention Period: 7 years after last login
  • Definition: User who has not logged in for 12+ months
  • Reason: Potential re-engagement and historical records

Deleted User Accounts:

  • Retention Period: 90 days (soft delete), then permanently deleted
  • Process: Account is soft-deleted for 90 days, then permanently removed
  • Reason: Account recovery window and legal compliance

2.4 Audit Logs

Security Audit Logs:

  • Retention Period: 3 years minimum
  • Includes: Login attempts, access logs, security events, permission changes
  • Reason: Security monitoring and incident investigation

Activity Audit Logs:

  • Retention Period: 3 years minimum
  • Includes: Data modifications, deletions, corrections, administrative actions
  • Reason: Accountability and compliance

2.5 Communication Records

  • Email Communications: Retained for 2 years (service emails, notifications)
  • SMS Communications: Retained for 90 days (verification codes, notifications)

2.6 Backup Data

  • Database Backups: Retained for 30 days (daily automated backups)
  • Backups are automatically deleted after 30 days
  • Deleted data may remain in backups until backup expiration

3. Data Deletion Process

3.1 User-Initiated Deletion

Account Deletion:

  1. Log into your account
  2. Navigate to Account Settings
  3. Click "Delete Account" or "Request Account Deletion"
  4. Confirm deletion request
  5. Account is soft-deleted immediately
  6. Permanent deletion occurs after 90 days

Data Deletion (Without Account Deletion):

  1. Log into your account
  2. Navigate to Account Settings
  3. Click "Request Data Deletion"
  4. Select data categories to delete
  5. Confirm deletion request
  6. Deletion processed within 30 days

3.2 Parent-Initiated Deletion

Parents can request deletion of their child's data at any time per COPPA requirements. Deletion requests are processed within 30 days. No reason is required.

3.3 Deletion Timeline

  • Immediate: Account access is revoked, account marked as deleted, user cannot log in
  • Soft Delete Period (90 days): Data retained but not accessible; account can be restored by contacting support
  • Permanent Deletion (after 90 days): Data permanently deleted from production database; may remain in backups for up to 30 additional days

4. Data That Cannot Be Deleted

4.1 Legal Compliance Requirements

  • Financial Records: Must be retained for 7 years per IRS requirements, even if the account is deleted. Records are anonymized when possible.
  • Audit Logs: Security and activity audit logs must be retained for 3 years for compliance and security investigations. Logs are anonymized when possible.
  • Legal Holds: Data subject to legal holds cannot be deleted until the hold is released. You will be notified if your data is subject to a legal hold.

4.2 Aggregate and Anonymized Data

Statistical, aggregate, and anonymized data may be retained indefinitely. This data cannot be linked back to individuals and is used for analytics and reporting.

5. Data Export Before Deletion

Before requesting deletion, you can export your data:

  1. Log into your account
  2. Navigate to Account Settings
  3. Click "Export My Data"
  4. Select data categories to export
  5. Download your data in JSON or CSV format

What You Can Export: Advancement records, merit badge progress, rank advancement history, event participation, financial records, and account information.

6. Requesting Deletion

You can request deletion through any of the following methods:

  • Online: Log into your account → Account Settings → Delete Account or Request Data Deletion
  • Email: Send a request to privacy@scouttrax.com with your account email address and the type of deletion requested
  • Mail: Send a written request to ScoutTrax LLC, 30 N Gould St Ste N, Sheridan, WY 82801

We may require identity verification before processing deletion requests to protect against unauthorized deletion. Processing time is within 30 days for data deletion, or immediate (soft delete) for account deletion.

7. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending an email notification to your registered email address

Your continued use of ScoutTrax after changes are posted constitutes acceptance of the updated policy.

8. Contact Us

If you have questions about data retention or deletion, please contact us:

ScoutTrax LLC

30 N Gould St Ste N

Sheridan, WY 82801

Email: privacy@scouttrax.com

Support: support@scouttrax.com

Response Time: We will respond within 30 days. Urgent requests are processed within 7 days.

9. Related Policies

← Back to Home