Data Retention Policy

Effective Date: January 1, 2020
Last Updated: December 17, 2024

Guardian Computer, LLC (“we,” “us,” or “our”) is committed to ensuring the responsible management of data throughout its lifecycle. This Data Retention Policy outlines how we collect, store, retain, and securely dispose of data to comply with legal, regulatory, and operational requirements.

1. Purpose

This policy ensures that data:

  • Is retained only as long as necessary for legitimate business or legal purposes.

  • Is securely disposed of when no longer needed to minimize risks of unauthorized access, breaches, or misuse.

2. Scope

This policy applies to all data collected, stored, processed, and disposed of by Guardian Computer, including:

  • Personal Data: Information about individuals, such as clients, employees, and users.

  • Business Data: Operational records, communications, and transaction data.

  • SMS Data: Information related to SMS messaging, including phone numbers, message content, and opt-in preferences.

It covers all data in electronic and physical formats, whether managed on-premises, in the cloud, or by third-party service providers.

3. Data Retention Periods

We retain data for the following durations based on its type and purpose:

4. Secure Disposal of Data

When data is no longer required, we ensure secure disposal through the following methods:

  • Electronic Data:

    • Permanently deleted from systems using industry-standard wiping methods.

    • Securely deleted from third-party platforms or cloud environments.

  • Physical Data:

    • Shredded or destroyed to prevent reconstruction or unauthorized access.

Regular audits are conducted to ensure compliance with these procedures.

5. Third-Party Data Management

When data is processed by third-party service providers (e.g., cloud platforms, SMS providers), we ensure:

  • Providers comply with our retention and disposal standards.

  • Data is deleted from their systems when retention periods expire.

We maintain agreements with all third parties to enforce these standards.

6. Legal and Regulatory Exceptions

In certain circumstances, data may be retained longer than the specified retention periods to comply with:

  • Legal requirements (e.g., litigation holds, regulatory investigations).

  • Government requests or subpoenas.

Such data will be securely archived and access will be restricted.

7. Monitoring and Review

We regularly review this policy to ensure it remains compliant with applicable laws and industry standards, including:

  • General Data Protection Regulation (GDPR).

  • California Consumer Privacy Act (CCPA).

  • The Campaign Registry (TCR) requirements.

Any updates to this policy will be reflected in the “Last Updated” section above.

8. User Rights and Requests

Users may request:

  • Access to the data we hold about them.

  • Correction of inaccurate data.

  • Deletion of data where retention is no longer necessary.

To exercise these rights, contact us at support@gcit.net. Requests will be addressed in accordance with applicable privacy laws.

9. Contact Information

If you have questions about this policy or wish to make a data-related request, contact us:

Guardian Computer, LLC
3500 N. Causeway Blvd, Suite 435
Metairie, LA 70002
Phone: 1-504-457-0005
Email: support@gcit.net
Website: www.gcit.net