Data Deletion Policy

Skode Technologies ("Skode," "we," "us," or "our") respects your right to control your personal data. This Data Deletion Policy explains how you can request the deletion of your data, what data is deleted, the timeline for processing requests, and any exceptions that may apply.

This policy is provided in accordance with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Indian Digital Personal Data Protection Act, 2023, and other applicable data protection laws.

1. Your Right to Deletion

You have the right to request the deletion of your personal data held by Skode. This right applies to:

Account Holders: You may request the deletion of your Skode account and all associated personal data at any time.
End Users (Data Subjects): If your personal data has been stored in Skode by one of our customers (the data controller), you should direct your deletion request to that customer. We will assist our customers in fulfilling such requests in accordance with our Data Processing Agreement.
Website Visitors: You may request the deletion of any personal data we have collected through our website, such as contact form submissions or cookie data.

2. How to Request Data Deletion

Self-serve account deletion from inside the Skode dashboard is on our roadmap but is not available today. Please use one of the following channels:

Privacy email: Send your request to privacy@skode.ai with the subject line “Data Deletion Request”. This is the fastest route for GDPR, UK GDPR, CCPA, and DPDPA-2023 requests.
Support: Contact our support team at support@skode.ai.
Workspace admins: If you are the admin of a workspace, you can delete individual team members from Settings → Team, which triggers cascade deletion of that user’s profile, membership, and active sessions.

If you are a data subject of a Skode customer (for example, a lead or contact stored in a Skode workspace by one of our business customers), your data is controlled by that customer, not by Skode. Please contact the Skode customer first. Skode acts as a processor and will assist that customer in fulfilling your request under our Data Processing Agreement.

When submitting your request, please include:

Your full name and the email address associated with your Skode account.
A description of the specific data you want deleted (or a request for full account deletion).
Any additional information that may help us locate your data.

3. Verification Process

To protect your privacy and prevent unauthorized deletion requests, we verify all data deletion requests before processing them:

Account Holders: You must be logged into your Skode account when submitting the request in-app. For email requests, we will send a verification email to the address on file and may ask you to confirm your identity.
End Users: We verify requests through the data controller (our customer) who originally stored your data. We may require the data controller to confirm the request.
Authorized Agents: If someone submits a deletion request on your behalf, we require written authorization from the account holder and verification of the agent's identity.

We will not fulfill a deletion request until verification is complete. If we cannot verify your identity, we will notify you and explain what additional information is needed.

4. What Data Is Deleted

Upon a verified and approved deletion request, the following categories of data will be permanently removed from our active systems:

Account Information: Your name, email address, password hash, profile settings, and preferences.
CRM Data: Leads, contacts, deals, tasks, notes, custom fields, and all records you created or imported.
Communication Records: Email logs, call records, chat histories, and messaging data stored within the platform.
Invoicing data: Invoices, payment records, and credit notes are retained for 7 years from the end of the relevant financial year as required by the Indian Income-tax Act 1961 and Section 36 of the Central Goods and Services Tax Act 2017 (72-month statutory retention). They cannot be deleted during that period. Other billing records are deleted upon verified request.
Files and Attachments: Documents, images, and other files uploaded to your account.
Activity Logs: Audit trails, login history, and usage analytics associated with your account.
AI-generated data: AI analysis results, predictions, and recommendations generated from your data. AI Connector audit-log entries (IntegrationEvent rows) are automatically purged after 30 days for successful events; failed events may be kept longer for security investigation and deleted as part of routine review.

5. Timeline for Deletion

We process data deletion requests according to the following timeline:

Acknowledgment: We will acknowledge your request within 2 business days of receipt.
Verification: Identity verification is completed within 5 business days.
Active System Deletion: Data is removed from our active databases and systems within 30 calendar days of a verified request.
Backup Purge: Data is purged from encrypted backups within 90 calendar days. During this period, backup data is not actively used and is only retained for disaster recovery purposes.
Confirmation: We will send you a confirmation email once deletion from active systems is complete.

6. Exceptions to Deletion

In certain circumstances, we may be unable to delete some or all of your data. Exceptions include:

Legal Obligations: We may retain data required to comply with applicable laws, regulations, or legal proceedings, including tax and accounting requirements. Financial transaction records may be retained for up to 7 years as required by law.
Fraud Prevention: Data necessary to detect, prevent, or investigate fraud, security incidents, or violations of our Terms of Service may be retained.
Legitimate Business Interests: Aggregated, anonymized, or de-identified data that can no longer be linked to you may be retained for analytics and service improvement purposes.
Pending Disputes: If there is an ongoing dispute, investigation, or legal claim involving your account, data may be retained until the matter is resolved.
Third-Party Obligations: Data that has been shared with third parties prior to the deletion request may not be recoverable. We will inform you if this applies and provide contact information for the relevant third parties.

If any exception applies, we will inform you of the specific data being retained, the legal basis for retention, and the expected retention period.

7. Data Retention After Account Deletion

The deletion lifecycle after a verified request is:

Your account becomes inaccessible immediately upon verification of the request.
30-day restore window: For 30 days after cancellation or request, you may contact privacy@skode.ai to cancel the deletion and recover your account and CRM data. This window exists to protect against accidental or unauthorised deletion.
90-day deletion window: After the 30-day restore window ends, your data is removed from active production systems within 30 days, and purged from encrypted disaster-recovery backups within a further 90 days. During this period, backups are not accessed for any purpose other than restoration following an incident.
Deletion certification on request. Upon written request, we will certify in writing that Personal Data has been deleted, identifying any records retained under a carve-out (for example invoices, see § 6) and the basis for that retention.
Once deletion is complete, your email address is released and may be used to create a new account.

8. Partial Deletion Requests

You may request deletion of specific categories of data without deleting your entire account. For example, you may request deletion of:

Specific lead or contact records.
Communication history for particular contacts.
Files and attachments.
Activity logs and usage data.

Partial deletion requests are processed on a case-by-case basis. Some data may be interdependent, and we will inform you if deleting specific data affects other parts of your account.

9. Customer Data (B2B)

If you are a Skode customer (data controller) and wish to delete data stored in your CRM on behalf of your contacts or leads:

You can delete individual records directly within the Skode CRM interface at any time.
Bulk deletion tools are available under Settings > Data Management for large-scale deletions.
Deleted records are moved to a trash folder and permanently purged after 30 days.
As the data controller, you are responsible for responding to data subject deletion requests from your contacts.

10. Platform-Specific Data Deletion

10.1 Meta Platform Data (Facebook, Instagram, WhatsApp)

When you disconnect your Facebook Page, Instagram account, or WhatsApp Business account from Skode Flow, you may request deletion of all associated Meta platform data. To delete Meta data:

Option A — Automated Callback: Skode provides a Data Deletion Callback URL configured in the Meta App Dashboard. When you remove Skode from your Facebook Settings (Settings > Business Integrations), Meta sends an automated deletion request to our servers. We process the deletion and provide a confirmation code and status check URL where you can monitor progress.
Option B — Manual Request: Email privacy@skode.ai with the subject line "Meta Data Deletion Request" and include the Facebook Page name or Instagram account associated with Skode.

Meta platform data is deleted from active systems within 30 days and from backups within 90 days. You will receive a confirmation email when active system deletion is complete. You may also revoke access via Facebook Settings > Business Integrations or Instagram Settings > Apps and Websites.

10.2 TikTok Data

Upon disconnection of TikTok integration or upon your request, TikTok data is deleted from active systems immediately. Backup purge completes within 90 days. If we inadvertently receive personal data through TikTok APIs that was not authorized for collection, we delete it within 30 days and notify TikTok. To request deletion, email privacy@skode.ai or disconnect the TikTok integration in your account settings.

10.3 LinkedIn Data

Upon request or when you disconnect LinkedIn from Skode, all LinkedIn-sourced data is permanently deleted within 10 days. You may also revoke access through LinkedIn Settings > Data Privacy > Permitted Services. We will comply with any data deletion requests from LinkedIn and certify deletion upon request. Email privacy@skode.ai with the subject line "LinkedIn Data Deletion Request."

10.4 Snapchat / Snap Data

You may revoke Snap Kit access through Snapchat Settings > Connected Apps and request deletion of all Snap-sourced data. All Snap data is deleted upon termination, and Skode will certify deletion upon Snap's request. Camera Kit data is deleted within 30 days. Email privacy@skode.ai with the subject line "Snap Data Deletion Request."

10.5 Telegram Data

You may block the Telegram bot at any time to immediately stop data collection. To request deletion of all Telegram-sourced data (message content, user identifiers, media files), email privacy@skode.ai with the subject line "Telegram Data Deletion Request" and include the Telegram bot username. Deletion requests are processed within 30 days in accordance with Telegram's Bot Developer Terms of Service. Backup purge completes within 90 days.

11. Non-Discrimination

We will not discriminate against you for exercising your data deletion rights. Specifically, we will not deny you services, charge you different prices, or provide a different level of service quality because you submitted a deletion request.

12. Changes to This Policy

We may update this Data Deletion Policy from time to time. Changes will be posted on this page with an updated effective date. We will notify you of material changes through email or a prominent notice on our website.

13. Contact Us

For data deletion requests or questions about this policy:

Email: privacy@skode.ai
Support: support@skode.ai
Privacy Policy: View our Privacy Policy
DPA: View our Data Processing Agreement