Introduction
At Phished, we understand the importance of privacy and data protection. Phished will receive and process certain personal data/information of the users of the Phished software (e.g. your employees). This data is processed by Phished to execute our contracts with our clients. As part of our commitment to transparency, we've outlined how long we retain personal data and the circumstances under which it's stored.
Answer
In accordance with the GDPR, to adhere to the principle of data minimization, Phished has implemented policies to limit the storage period of personal data to a strict minimum. Should you, as our client, decide to terminate your contract with Phished, and there is no longer a legal basis for processing the data, we take steps to ensure the removal of all personal data collected for this contract.
Phished employs an automatic process to remove this personal data. According to this process, the personal data is retained until either:
- A period of inactivity of 12 months has passed. This occurs after all accounts have been deactivated due to the expiration of your contract. This additional 12-month period serves as a safeguard in case you change your mind and decide to continue with Phished after termination of your contract. By doing so we ensure that user data and account history are not irreversibly deleted immediately after termination of the contract.
- Immediate removal upon your request.
We understand the importance of preserving user data and account history, especially in cases where clients may reconsider their decision to discontinue services. Our aim is to balance data protection with the flexibility needed to accommodate your preferences.
Other useful FAQ's