Data retention
How long we keep each class of data, and what gets pruned automatically.
Partners sometimes need these numbers for their own compliance filings (GDPR Article 30, SOC 2 data-classification matrices). This page is the source of truth.
Primary resources
| Resource | Retention | Notes |
|---|---|---|
| Invoices (structured data) | Retained as long as the team is active + 60 days after account closure | Legal accounting retention (LT/EU) is 10 years; our default matches partner expectations. Exact per-partner retention is configurable in the dashboard if your jurisdiction requires longer. |
| Invoice source files (PDFs/images uploaded) | 2 years from upload | Pruned on a nightly sweep once the 2-year window elapses. Structured invoice data survives. |
| Processing job rows | 90 days after job reaches a terminal state | Partners typically don't consume these directly; audit logs cover accountability needs for older rows. |
| Contacts & clients | Same lifecycle as the owning team | Hard-deleted immediately on explicit partner action. |
Webhooks & deliveries
| Resource | Retention | Notes |
|---|---|---|
| Webhook endpoints | Until partner deletes them | No automatic pruning. |
| Delivery logs (success + failure) | 30 days | First-attempt rows carry the raw payload; subsequent attempts for the same event drop the payload to save storage. After 30 days, retry/redeliver endpoints return 409 webhook.delivery_payload_unavailable. |
| Delivery stats (daily rollup) | 13 months | For month-over-month comparisons in your analytics. |
Auth & security
| Resource | Retention | Notes |
|---|---|---|
| API keys (hashed) | Preserved indefinitely | Revoked keys are never hard-deleted — revokedAt is set and they remain auditable via GET /audit-logs. |
| Idempotency keys (Redis) | 24 hours | Auto-evicted by Redis TTL. Stale keys can't be replayed. |
| Rate-limit counters (Redis) | 2 minutes (sliding window) | Purely operational, partner-invisible. |
| API-key lookup cache (Redis) | 60 seconds | Partner-invisible; invalidated immediately on revoke/rotate. |
Audit logs
| Resource | Retention | Notes |
|---|---|---|
| Audit log rows | 7 years | Matches SOX and most accounting-software retention norms. Queryable via GET /audit-logs (requires audit:read scope). |
Right to erasure (GDPR)
Partners whose end-customer invokes their right to erasure should contact support@parseo.app with the subject's identifiers. We cascade across invoices, contacts, clients, audit log PII fields (but retain hashed actor IDs where needed for security forensics), and source files. Median turnaround: 48h. A self-service POST /gdpr/erase endpoint is on the roadmap; until it ships, email is the authoritative channel.
Backups
Database backups have their own retention (30 days for operational restore windows). Backups are encrypted at rest and never exported outside our managed cloud provider. Deletion from live data + the 30-day backup rotation means a fully-erased subject persists nowhere after ~30 days of the initial erasure request.