Retention Period Management
Expectations regarding information retention can vary significantly between organizations, generally requiring a compromise between extensive traceability and the ability to retrieve past information, and on the other hand, requirements like those of the GDPR, which stipulate retaining only what is necessary. ExperQuiz now allows you to adjust this retention period according to your own context.
First, let’s highlight three things:
- We are not talking here about the retention of backups, which is set at 2 months for the entire data scope of client environments.
- Many entities fall under a “static” scope and will never be deleted automatically. This typically includes databases, questions, questionnaires, cycles, modules, media, surveys, and skill repositories. They are not personal data and do not have a temporal dimension.
- Users are a particular category of “static” data. They are never deleted automatically, but they do include personal data. However, we will distinguish here between static user data, such as name, surname, email, company, membership groups, permissions, etc., and dynamic user data, which is therefore temporal, such as past test results, modules, or surveys.
The adjustment of the retention period for your organization is covered in a new section of the company settings, which is presented as follows: 
You have three distinct settings:
- User activity data, which primarily includes past tests and their results, evaluations, past modules, sent invitations, and data related to surveys.
- Audit log information. The audit log is the tool for tracking interventions on the platform.
- The log of emails and SMS sent by the platform.
A security measure is in place to protect you against accidental entries:
- The minimum retention period is 6 months for activity data and 3 months for audit logs and emails.
- When you modify these settings, the new values will only be taken into account 7 days later.