Data Retention and Deletion Policy
Effective Date: 01th April 2025
Last Updated: 29th June 2026
Company Legal Name: Treewalker Digital Private Limited
Product: Galla.app
Website: https://galla.app
Registered Office: Vikas Plaza.38/ 1A (4), Kanappana Agrahara, Hosur Rd, Phase II, Electronic City, Bengaluru, Karnataka 560100
Support Email: support@treewalkerlabs.com
Legal Email: legal@treewalkerlabs.com
CIN: U72900KA2021PTC153840
GSTIN: 29AAICT9733E1ZXs
This Data Retention and Deletion Policy (“Policy”) explains how Treewalker Digital Private Limited (“Treewalker Digital”, “Galla”, “Galla.app”, “Company”, “we”, “us”, or “our”) retains, stores, archives, deletes, anonymises, or returns data processed through Galla.app and related services.
Galla.app is a SaaS platform for retail management, POS billing, warehouse management, inventory management, WhatsApp marketing, ecommerce development, third-party integrations, APIs, dashboards, reporting, automation, hardware-assisted workflows, and related business operations.
This Policy applies to customers, businesses, organisations, companies, firms, proprietorships, partnerships, users, buyers, subscribers, and entities (“Customer”, “you”, or “your”) that use Galla.app.
This Policy should be read together with our Terms of Service, Privacy Policy, Cookie Policy, Data Processing Addendum, Subprocessor List, Acceptable Use Policy, WhatsApp Marketing Policy, Security Overview, SLA and Support Policy, Refund and Billing Policy, Responsible Disclosure Policy, and Incident Response Policy.
1. Purpose of this Policy
The purpose of this Policy is to clearly explain:
- What data Galla.app retains.
- Why data is retained.
- How long different categories of data are retained.
- When data is deleted.
- How account closure and deletion requests are handled.
- How backups are handled.
- How legal, tax, accounting, GST, audit, security, and dispute-related retention works.
- How customer data export works.
- How WhatsApp, POS, WMS, ecommerce, integration, support, and hardware data is retained.
- What the Customer must do before account closure or deletion.
2. General Retention Principle
Treewalker Digital Private Limited retains data only for as long as reasonably required for:
- Providing Galla.app services.
- Operating subscribed modules.
- Supporting retail, POS, warehouse, inventory, WhatsApp, ecommerce, and integration workflows.
- Providing customer support.
- Maintaining business records.
- Meeting legal, tax, GST, accounting, audit, security, and compliance obligations.
- Preventing fraud, abuse, spam, security incidents, or unauthorised access.
- Resolving disputes.
- Enforcing agreements and policies.
- Maintaining backups and business continuity.
When data is no longer required for these purposes, it may be deleted, anonymised, archived, or securely restricted.
3. Recommended Default Retention Schedule
Unless a separate agreement, law, product setting, or enterprise contract states otherwise, Galla.app follows the recommended retention schedule below.
|
Data Category |
Recommended Retention Period |
Deletion / Purge Timeline |
|
Active Customer Data inside SaaS account |
During active subscription |
Not deleted while account is active unless requested and technically feasible |
|
Customer Data after account closure |
90 days from account closure / expiry / termination |
Production deletion after 90 days |
|
Customer Data after approved deletion request |
Within 30 days of approved request |
Deleted from active production systems within 30 days, unless legal retention applies |
|
Backup copies |
30 to 90 days from backup creation |
Automatically overwritten or purged within backup cycle |
|
Deleted user records |
30 days soft-delete, then deletion/anonymisation |
Permanent deletion/anonymisation after 30 days, unless retained for audit/security |
|
POS invoice and billing records |
8 financial years or longer if required |
Deleted/archived after statutory period |
|
GST/tax records |
72 months from due date of annual return, or longer if proceedings exist |
Deleted/archived after legal period ends |
|
Company accounting records |
8 financial years or longer if required |
Deleted/archived after legal period ends |
|
Payment and invoice records |
8 financial years |
Deleted/archived after legal period ends |
|
Support tickets |
3 years after ticket closure |
Deleted/anonymised after 3 years unless needed for dispute/security |
|
Implementation and onboarding records |
3 years after project closure |
Deleted/anonymised after 3 years |
|
WhatsApp campaign logs |
24 months |
Deleted/anonymised after 24 months unless required for billing/dispute/compliance |
|
WhatsApp consent and opt-out records |
Active account period + 3 years |
Deleted/anonymised after retention period, unless legal/dispute hold applies |
|
API logs |
90 days to 12 months |
Deleted/anonymised based on log type and security need |
|
Security logs |
12 to 24 months |
Deleted/anonymised after retention period unless incident/legal hold applies |
|
Audit logs |
12 to 36 months |
Deleted/anonymised after retention period unless required for compliance |
|
Ecommerce order data |
Active account + 90 days after closure, or legal period if invoice/tax record |
Deleted/archived as per data type |
|
Warehouse transaction data |
Active account + 90 days after closure, or longer if part of billing/legal records |
Deleted/archived as per data type |
|
Hardware sales and warranty records |
8 financial years for invoice/tax records; 3 years for support history |
Deleted/archived after applicable period |
|
Marketing lead data of Galla.app |
24 months from last interaction |
Deleted/anonymised unless consent or business relationship continues |
|
Trial/demo account data |
30 days after trial expiry |
Deleted after 30 days unless converted to paid account |
|
Abuse, fraud, or policy violation records |
3 to 7 years depending on severity |
Deleted/archived after risk period |
|
Legal dispute records |
Until dispute is closed + 3 years, or as advised by legal team |
Deleted/archived after legal hold is released |
4. Important Deletion Timelines
The following deletion timelines are recommended for Galla.app:
|
Trigger |
Recommended Action |
Timeline |
|
Customer requests deletion of selected data |
Validate request and delete where technically feasible |
Within 30 days |
|
Customer closes account |
Keep data for retrieval/export window |
90 days |
|
Customer does not renew subscription |
Keep data in restricted/inactive state |
90 days from expiry |
|
Trial account expires |
Delete trial data |
30 days after expiry |
|
Customer asks for full account deletion |
Delete active production data after approval |
Within 30 days |
|
Backup data after deletion |
Allow backup overwrite cycle |
Within 90 days |
|
Legal/tax/accounting data |
Retain as legally required |
6 to 8 years or longer |
|
Security incident data |
Retain for investigation and defence |
3 to 7 years |
|
Opt-out records |
Retain to avoid future unlawful messaging |
Active account + 3 years |
|
Support tickets |
Retain for service history and dispute defence |
3 years |
5. Scope of this Policy
This Policy applies to data processed through or in connection with:
- Galla.app SaaS platform.
- Retail Management module.
- POS Billing module.
- Warehouse Management module.
- Inventory Management module.
- WhatsApp Marketing and Customer Communication module.
- Ecommerce Development and Managed Ecommerce Services.
- Third-party integrations.
- APIs and webhooks.
- Reports and dashboards.
- Customer support.
- Implementation and onboarding.
- Data migration.
- Hardware support.
- Billing and invoicing.
- Website forms and demo requests.
- Security and audit logs.
- Trial, pilot, and demo accounts.
6. Types of Data Covered
This Policy covers the following data categories.
6.1 Account and business data
This may include:
- Customer name.
- Company name.
- Business address.
- GSTIN.
- CIN, where applicable.
- Billing contact.
- Admin user details.
- Subscription plan.
- Contract details.
- User roles.
- Account settings.
- Store, warehouse, and branch details.
6.2 SaaS operational data
This may include:
- Product data.
- Customer records.
- Vendor records.
- Employee or user records.
- POS records.
- Invoice records.
- Purchase records.
- Sales records.
- Inventory records.
- Warehouse movement records.
- Dispatch records.
- Barcode, QR, RFID, batch, and serial number data.
- Ecommerce orders.
- WhatsApp campaigns.
- Reports and dashboards.
- API logs.
- Integration data.
-
6.3 Support and implementation data
This may include:
- Support tickets.
- Emails.
- Chat records.
- Call notes.
- Screenshots.
- Videos.
- Attachments.
- Remote support session details.
- Issue logs.
- Implementation documents.
- Training records.
- Configuration records.
6.4 Technical and security data
This may include:
- IP address.
- Device information.
- Browser details.
- Login logs.
- API logs.
- Audit logs.
- Error logs.
- Security logs.
- System performance logs.
- Integration error logs.
- Access records.
6.5 Hardware-related data
This may include:
- Hardware model.
- Serial number.
- Purchase invoice.
- Delivery date.
- First use date.
- Warranty status.
- Replacement request.
- Service ticket.
- Inspection report.
- Repair record.
- Service partner report.
- Photos or videos shared for troubleshooting.
7. Active Account Retention
During an active paid subscription, Galla.app retains Customer Data required to provide the service.
Active account data is generally retained for the full subscription period unless:
- Customer deletes specific data using available tools.
- Customer requests deletion.
- Data is no longer needed.
- Data violates our policies.
- Data is unlawful.
- Legal or security reason requires restriction or deletion.
- A separate agreement defines a different retention term.
Customer should not use Galla.app as the only archive for legal, tax, statutory, or accounting records. Customer should export and maintain required business records separately.
8. Inactive Account Retention
An account may become inactive due to:
- Subscription expiry.
- Non-renewal.
- Non-payment.
- Customer request.
- Suspension.
- Termination.
- Trial expiry.
- Project closure.
Recommended inactive account retention:
|
Account Type |
Retention Period |
|
Paid account after expiry or non-renewal |
90 days |
|
Paid account after termination by Customer |
90 days |
|
Account suspended for non-payment |
90 days from suspension |
|
Trial account after expiry |
30 days |
|
Demo account after expiry |
30 days |
|
POC account after closure |
30 to 90 days, based on agreement |
|
Enterprise account |
As per agreement; default 90 days |
After the retention period, Galla.app may delete, restrict, archive, or anonymise data.
9. Data Export Before Deletion
Before account deletion, Customer should export all required data.
Exportable data may include, depending on plan and module:
- Product master.
- Customer list.
- Vendor list.
- Employee/user list.
- Sales records.
- Purchase records.
- POS invoices.
- Stock reports.
- Warehouse movement records.
- Inventory reports.
- Dispatch records.
- Ecommerce orders.
- WhatsApp campaign reports.
- Payment records.
- Integration reports.
- Custom reports, where available.
Customer is responsible for exporting data before expiry of the retention window.
Galla.app is not responsible for loss of data if Customer fails to export data before deletion.
10. Deletion After Account Closure
After account closure, cancellation, expiry, or termination:
- Customer account may be moved to inactive state.
- Customer access may be restricted.
- Data may be retained for 90 days for export, reactivation, billing, dispute, and support purposes.
- After 90 days, production data may be deleted or anonymised.
- Backup copies may remain for up to 90 additional days depending on backup cycle.
- Legal, tax, accounting, security, dispute, or abuse records may be retained longer.
Recommended deletion timeline after account closure:
|
Stage |
Timeline |
|
Account closure / expiry date |
Day 0 |
|
Account moved to inactive/restricted status |
Day 0 to Day 7 |
|
Customer export window |
Up to Day 90 |
|
Production data deletion/anonymisation |
After Day 90 |
|
Backup purge |
Within next 30 to 90 days |
|
Billing/legal/security records |
Retained as per legal period |
11. Deletion Upon Customer Request
A Customer may request deletion of selected data or full account data by contacting Galla.app.
Deletion requests should be sent to:
Support Email: support@treewalkerlabs.com
The request should include:
- Customer name.
- Company name.
- Account ID or registered email.
- Data to be deleted.
- Reason for deletion.
- Authorised signatory confirmation.
- GST/legal/tax confirmation, where relevant.
- Contact person details.
After verification and approval, Galla.app will use reasonable efforts to delete active production data within 30 days, unless retention is required for legal, tax, accounting, security, billing, contractual, fraud prevention, dispute, or compliance reasons.
Backup copies may be deleted or overwritten within the normal backup cycle, generally within 90 days.
12. Data Principal / Individual Deletion Requests
Individuals may request deletion of their personal data.
If the data belongs to a Galla.app business customer’s account, Galla.app may redirect the individual to the relevant Customer because the Customer controls the purpose and use of such data.
Examples:
- Retail customer asking deletion from store records.
- Ecommerce buyer asking deletion from merchant records.
- WhatsApp recipient asking deletion from campaign list.
- Vendor contact asking deletion from vendor master.
- Employee asking deletion from employer’s warehouse/POS account.
- Galla.app may assist the Customer where technically feasible, but the Customer remains responsible for responding to such requests where the Customer controls the data.
13. Deletion Exceptions
Galla.app may refuse, delay, restrict, or partially fulfil deletion requests where retention is required for:
- Legal compliance.
- GST records.
- Tax records.
- Accounting records.
- Company law records.
- Billing and invoice records.
- Audit requirements.
- Fraud prevention.
- Security investigation.
- Legal claims.
- Dispute resolution.
- Debt recovery.
- Contract enforcement.
- Law enforcement request.
- Regulatory request.
- Backup cycles.
- Technical limitations.
- Customer’s contractual obligations.
- Protection of rights, property, users, customers, or the public.
Where full deletion is not possible, Galla.app may restrict access, archive data, anonymise personal fields, or retain only the minimum required records.
14. Backup Retention and Deletion
Galla.app may maintain backups for service continuity, disaster recovery, and security.
Recommended backup retention:
|
Backup Type |
Retention Period |
|
Daily backups |
7 to 30 days |
|
Weekly backups |
4 to 8 weeks |
|
Monthly backups |
3 months |
|
Emergency incident backups |
Until incident closure + 90 days |
|
Legal hold backups |
Until legal hold is released |
Backup data is generally not edited or selectively deleted immediately after a deletion request.
When production data is deleted, backup copies may remain temporarily and will be overwritten or purged in the normal backup cycle, generally within 90 days.
If backup data is restored, Galla.app will take reasonable steps to re-apply deletion requests where technically feasible.
15. POS Billing Data Retention
POS billing data may include:
- Invoices.
- Customer name.
- Customer phone number.
- Billing address.
- GSTIN, where applicable.
- Product details.
- Tax details.
- HSN/SAC codes.
- Payment mode.
- Return records.
- Credit notes.
- Debit notes.
- Cashier/user records.
- Store records.
- Billing counter records.
Recommended retention:
|
POS Data Type |
Retention Period |
|
POS invoices and tax records |
8 financial years |
|
GST-related records |
72 months from annual return due date or longer if proceedings exist |
|
Sales reports |
8 financial years |
|
Return/refund records |
8 financial years |
|
POS user activity logs |
12 to 36 months |
|
Draft invoices or abandoned entries |
30 to 90 days |
|
Test invoices in test/demo environment |
30 days |
Customer is responsible for maintaining statutory records and verifying tax, GST, invoice, and accounting information.
16. Retail Management Data Retention
Retail data may include:
- Product master.
- Customer list.
- Vendor list.
- Sales data.
- Purchase data.
- Price data.
- Discount data.
- Loyalty data.
- Store user data.
- Reports.
Recommended retention:
|
Retail Data Type |
Retention Period |
|
Product and vendor master |
Active account + 90 days |
|
Customer master |
Active account + 90 days |
|
Sales and purchase records |
8 financial years where linked to invoices/accounts |
|
Loyalty and marketing records |
Active account + 3 years, unless consent withdrawn |
|
Retail reports |
Active account + 90 days |
|
Deleted product/customer/vendor entries |
30 days soft-delete where supported |
17. Warehouse Management Data Retention
Warehouse data may include:
- Inward records.
- Outward records.
- Putaway records.
- Picking records.
- Packing records.
- Dispatch records.
- Stock transfer records.
- Cycle count records.
- Stock adjustment records.
- Location/bin records.
- Barcode/QR/RFID logs.
- Warehouse user activity.
- Device logs.
- Vendor and delivery contact data.
- ERP/ecommerce/logistics integration records.
Recommended retention:
|
WMS Data Type |
Retention Period |
|
Stock movement records |
Active account + 90 days, or 8 financial years if linked to accounting/tax records |
|
Dispatch and delivery records |
8 financial years where linked to sale/order/tax records |
|
Cycle count and stock audit records |
3 years |
|
Barcode/QR/RFID transaction logs |
24 to 36 months |
|
Warehouse user activity logs |
12 to 36 months |
|
Device/scanner logs |
90 days to 12 months |
|
Temporary scan/session data |
7 to 30 days |
Customer should export warehouse records needed for audit, reconciliation, statutory, or business continuity purposes.
18. Inventory Management Data Retention
Inventory data may include:
- Product data.
- SKU data.
- Batch data.
- Serial number data.
- Stock balance.
- Stock movement.
- Adjustment records.
- Transfer records.
- Purchase records.
- Sales records.
- Expiry data, where configured.
Recommended retention:
|
Inventory Data Type |
Retention Period |
|
Product/SKU master |
Active account + 90 days |
|
Stock movement records |
3 years, or 8 financial years if linked to financial records |
|
Batch/serial data |
Active account + 90 days, or longer where legal/commercial need exists |
|
Stock adjustment records |
3 years |
|
Inventory reports |
Active account + 90 days |
19. WhatsApp Marketing Data Retention
WhatsApp Marketing data may include:
- Recipient name.
- Recipient mobile number.
- Campaign name.
- Message template.
- Message content.
- Delivery status.
- Read status, where available.
- Failed status.
- Response data.
- Consent status, where configured.
- Opt-out status.
- Campaign analytics.
- Provider logs.
- WhatsApp Business Account metadata.
Recommended retention:
|
WhatsApp Data Type |
Retention Period |
|
Campaign history |
24 months |
|
Message delivery logs |
12 to 24 months |
|
Message content/templates |
Active account + 90 days |
|
Recipient lists |
Active account + 90 days, unless deleted earlier |
|
Consent records |
Active account + 3 years |
|
Opt-out/suppression records |
Active account + 3 years |
|
Provider error logs |
90 days to 12 months |
|
Billing records for WhatsApp usage |
8 financial years |
Opt-out records may be retained longer than marketing lists to prevent sending future messages to recipients who have opted out.
20. Ecommerce Data Retention
Ecommerce data may include:
- Buyer name.
- Email address.
- Phone number.
- Billing address.
- Shipping address.
- Order details.
- Payment status.
- Return/refund records.
- Cart data.
- Product catalogue data.
- Shipping and delivery details.
- Marketplace data.
- Ecommerce analytics.
Recommended retention:
|
Ecommerce Data Type |
Retention Period |
|
Orders and invoices |
8 financial years |
|
Buyer records |
Active account + 90 days, unless legally required longer |
|
Shipping/delivery records |
3 to 8 years depending on invoice/legal linkage |
|
Return/refund records |
8 financial years |
|
Cart/session data |
30 to 90 days |
|
Product catalogue |
Active account + 90 days |
|
Ecommerce support data |
3 years |
|
Website form leads |
24 months from last interaction |
For customer-owned ecommerce websites, the Customer is responsible for its own privacy, cookie, retention, and deletion obligations.
21. Third-Party Integration Data Retention
Integration data may include:
- ERP sync logs.
- Accounting sync logs.
- Tally sync data.
- Payment gateway response.
- Marketplace sync data.
- Ecommerce sync data.
- Logistics sync data.
- WhatsApp provider response.
- API request and response logs.
- Error logs.
- Webhook payloads.
Recommended retention:
|
Integration Data Type |
Retention Period |
|
Integration logs |
90 days to 12 months |
|
Failed sync logs |
90 days to 12 months |
|
API request metadata |
90 days to 12 months |
|
Webhook logs |
90 days to 12 months |
|
Payment gateway transaction records |
8 financial years where linked to billing/accounting |
|
ERP/accounting sync records |
8 financial years where linked to accounting/tax records |
Third-party platforms may retain data under their own policies. Galla.app does not control third-party retention.
22. API Logs Retention
API logs may include:
- API key ID.
- Endpoint.
- Timestamp.
- IP address.
- Request metadata.
- Response status.
- Error reason.
- Rate-limit event.
- Webhook delivery status.
Recommended retention:
|
API Log Type |
Retention Period |
|
Standard API logs |
90 days |
|
Error logs |
180 days |
|
Security-related API logs |
12 to 24 months |
|
High-risk or abuse logs |
3 years |
|
API billing records |
8 financial years |
API payloads containing personal or business data should be retained only where necessary for troubleshooting, security, billing, or compliance.
23. Support Ticket Retention
Support data may include:
- Ticket details.
- Email communication.
- Chat transcripts.
- Call notes.
- Screenshots.
- Attachments.
- Videos.
- Error logs.
- Remote support session details.
- Resolution notes.
Recommended retention:
|
Support Data Type |
Retention Period |
|
Standard support tickets |
3 years after closure |
|
Hardware support tickets |
3 years after closure |
|
Critical incident tickets |
5 years |
|
Screenshots/attachments |
12 to 36 months, depending on need |
|
Remote session metadata |
12 months |
|
Call recordings, if any |
90 days to 12 months |
|
Customer training records |
3 years |
Customers should avoid sharing unnecessary personal or sensitive data in support tickets.
24. Hardware Data Retention
Hardware data may include:
- Hardware purchase records.
- Invoice records.
- Serial number.
- Device model.
- Warranty details.
- Delivery records.
- Installation records.
- Replacement request.
- Repair records.
- AMC records.
- Service partner reports.
- Photos/videos for defect verification.
Recommended retention:
|
Hardware Data Type |
Retention Period |
|
Hardware invoice and tax records |
8 financial years |
|
Delivery records |
3 years |
|
Serial number and warranty records |
Warranty period + 3 years |
|
Replacement request records |
3 years |
|
Repair/service records |
3 years |
|
AMC records |
AMC period + 3 years |
|
Photos/videos shared for defect check |
12 months, unless dispute exists |
Hardware records may be retained longer where required for warranty, legal, tax, accounting, service, or dispute reasons.
25. Billing, Finance, GST, and Accounting Records
Billing and accounting records may include:
- Invoices.
- Payment receipts.
- Credit notes.
- Debit notes.
- GST records.
- Subscription records.
- Payment gateway references.
- Bank transaction references.
- Purchase orders.
- Order forms.
- Contracts.
- Tax records.
- Refund records.
- Hardware invoices.
- Vendor invoices.
Recommended retention:
|
Record Type |
Retention Period |
|
Invoices and payment records |
8 financial years |
|
GST records |
72 months from due date of annual return, or longer if proceedings exist |
|
Company books/accounting records |
8 financial years |
|
Contracts/order forms |
Contract term + 8 years |
|
Refund and credit note records |
8 financial years |
|
Tax and audit records |
8 financial years or longer if required |
|
Records under dispute/investigation |
Until closure + 3 years, or as advised by legal/CA |
These records may not be deleted on customer request if legal retention applies.
26. Security Logs and Audit Logs
Security and audit logs may include:
- Login records.
- Failed login attempts.
- Password reset logs.
- Admin activity.
- User activity.
- API access logs.
- Data export logs.
- Permission change logs.
- Suspicious activity logs.
- Incident records.
- IP address and device metadata.
- Integration activity logs.
Recommended retention:
|
Log Type |
Retention Period |
|
Login logs |
12 months |
|
Admin activity logs |
24 to 36 months |
|
Data export logs |
24 to 36 months |
|
Security incident logs |
5 years |
|
Abuse/fraud logs |
3 to 7 years |
|
Standard application logs |
90 to 180 days |
|
Error logs |
180 days |
|
Audit logs for enterprise customers |
As per agreement, default 24 months |
Security logs may be retained longer to investigate incidents, prevent fraud, enforce policies, or defend legal claims.
27. Website and Marketing Lead Data
Galla.app may collect website and marketing data through:
- Contact forms.
- Demo requests.
- Landing pages.
- Webinars.
- Campaigns.
- Email inquiries.
- Chat tools.
- Cookies and analytics.
- Download forms.
- Sales calls.
Recommended retention:
|
Marketing Data Type |
Retention Period |
|
Demo request data |
24 months from last interaction |
|
Website contact forms |
24 months |
|
Marketing leads |
24 months from last meaningful interaction |
|
Newsletter subscribers |
Until unsubscribe or inactivity period of 24 months |
|
Unsubscribed contacts |
3 years in suppression list |
|
Cookie consent records |
12 months |
|
Website analytics data |
14 to 26 months, depending on tool settings |
28. Trial, Demo, and Pilot Data
Trial, demo, and pilot accounts are not intended for long-term data storage.
Recommended retention:
|
Account Type |
Retention Period |
|
Free trial data |
30 days after trial expiry |
|
Demo account data |
30 days after demo expiry |
|
POC account data |
30 to 90 days after POC closure |
|
Sales sandbox data |
30 days |
|
Test data |
7 to 30 days |
|
Converted paid account |
Retained as active Customer Data |
Customers should not upload sensitive, statutory, or production data into demo/trial accounts unless expressly approved.
29.Deleted Data and Soft Delete
Some modules may support soft deletion.
Soft deletion means data is removed from normal user view but may remain recoverable for a limited period.
Recommended soft-delete period:
|
Data Type |
Soft-Delete Period |
|
User records |
30 days |
|
Product/customer/vendor records |
30 days |
|
Draft records |
7 to 30 days |
|
Deleted reports |
30 days |
|
Deleted campaign drafts |
30 days |
|
Deleted files/attachments |
30 days |
After the soft-delete period, data may be permanently deleted, anonymised, or archived.
Some records may not be deletable if they are linked to invoices, tax records, audit logs, security logs, or legal records.
30. Anonymisation
Where full deletion is not possible or not required, Galla.app may anonymise data.
Anonymisation may include:
- Removing names.
- Removing phone numbers.
- Removing email addresses.
- Removing addresses.
- Removing identifiers.
- Aggregating data.
- Masking personal fields.
- Replacing values with random identifiers.
- Removing direct customer/user references.
Anonymised data may be used for:
- Product improvement.
- Security improvement.
- Usage analytics.
- Performance benchmarking.
- Internal reporting.
- Service reliability.
- Statistical analysis.
Anonymised data should not identify a specific individual.
31. aggregated data
Galla.app may retain aggregated data that does not identify individual users or customers.
Aggregated data may include:
- Total number of transactions.
- Feature usage trends.
- Average system performance.
- Error frequency.
- General product analytics.
- Industry-level benchmarks.
- Anonymous campaign statistics.
- General API usage patterns.
Aggregated data may be retained indefinitely if it does not identify an individual or customer.
32. Legal Hold
Galla.app may place data under legal hold where required for:
- Legal claims.
- Regulatory inquiry.
- Court order.
- Government request.
- Tax investigation.
- GST proceedings.
- Audit.
- Security incident.
- Fraud investigation.
- Customer dispute.
- Debt recovery.
- Policy violation.
- Law enforcement request.
Data under legal hold will not be deleted until the hold is released.
After the legal hold is released, data will be deleted, archived, or retained according to the normal retention schedule.
33. Customer-Controlled Third-Party Platforms
Customers may connect Galla.app with third-party platforms such as:
- ERP systems.
- Accounting software.
- Tally or similar tools.
- Ecommerce platforms.
- Marketplaces.
- Payment gateways.
- Logistics providers.
- WhatsApp/Meta.
- SMS providers.
- Email providers.
- Analytics tools.
- Custom APIs.
These third parties may retain data under their own policies.
Galla.app cannot delete data from customer-controlled third-party platforms unless technically supported and expressly agreed.
Customers should review third-party retention and deletion policies separately.
34. Subprocessor Retention
Galla.app may use subprocessors for hosting, messaging, email, payment, analytics, security, support, storage, and other services.
Subprocessors may retain data according to:
- Their service terms.
- Data processing agreements.
- Technical requirements.
- Backup cycles.
- Security and compliance needs.
- Legal obligations.
- Galla.app instructions.
Where applicable, Galla.app will take reasonable steps to ensure that subprocessors delete or return Customer Personal Data after the relevant processing purpose ends, subject to legal and technical limitations.
35. Data Deletion from Subprocessors
When Customer Data is deleted from Galla.app production systems, Galla.app will use reasonable efforts to ensure that relevant subprocessors delete or stop processing such data where required.
Deletion from subprocessors may depend on:
- Subprocessor systems.
- Backup cycles.
- Legal retention obligations.
- Contractual obligations.
- Technical feasibility.
- Security needs.
- Billing and audit records.
- Third-party platform rules.
Some subprocessors may retain limited logs or billing records for legal, security, or operational reasons.
36. Customer Responsibilities
The Customer is responsible for:
- Exporting required data before cancellation or deletion.
- Maintaining its own statutory records.
- Keeping accounting, GST, tax, and audit records.
- Responding to data principal/customer deletion requests.
- Deleting data from customer-controlled third-party systems.
- Managing users and access permissions.
- Deleting inactive users.
- Avoiding unnecessary personal data upload.
- Keeping data accurate and updated.
- Removing unlawful contact lists.
- Maintaining consent and opt-out records.
- Protecting exported files.
- Not using Galla.app as the only legal archive.
- Reviewing retention needs before account closure.
37. Data Deletion Request Process
To request deletion, Customer should contact:
Support Email: support@treewalkerlabs.com
The request should include:
- Company name.
- Registered account email.
- Authorised requester name.
- Designation.
- Data category to be deleted.
- Reason for deletion.
- Confirmation that required exports are completed.
- Confirmation that deletion is authorised by the Customer.
- Any legal, tax, or accounting instructions.
- Contact details for follow-up.
Galla.app may verify the requester’s authority before processing deletion.
38. Deletion Verification
Before deleting Customer Data, Galla.app may verify:
- Customer identity.
- Authorised signatory approval.
- Account ownership.
- Subscription status.
- Payment status.
- Export completion.
- Legal retention requirement.
- Tax/accounting retention requirement.
- Pending disputes.
- Security or abuse investigation.
- Technical feasibility.
Galla.app may refuse deletion requests from unauthorised users.
39. Deletion Confirmation
After deletion is completed, Galla.app may provide confirmation where commercially and technically feasible.
Deletion confirmation may state:
- Account name.
- Data category deleted.
- Date of deletion.
- Whether deletion applies to production systems.
- Backup deletion timeline.
- Exceptions, if any.
- Legal retention records retained, if any.
Deletion confirmation does not mean all backup, legal, accounting, security, or third-party records were immediately deleted.
40. Data Restoration
Data restoration may be possible only in limited cases.
Restoration depends on:
- Backup availability.
- Retention period.
- Account status.
- Technical feasibility.
- Type of deleted data.
- Customer approval.
- Support plan.
- Payment status.
- Legal restrictions.
Galla.app does not guarantee restoration of deleted data.
Once production data and backup data are permanently deleted or overwritten, restoration may not be possible.
41. Deletion Due to Policy Violation
Galla.app may delete, restrict, or disable access to data if it violates:
- Terms of Service.
- Acceptable Use Policy.
- WhatsApp Marketing Policy.
- Data Processing Addendum.
- Applicable law.
- Third-party platform rules.
- Security requirements.
- Abuse prevention rules.
- Examples include:
- Unlawful contact lists.
- Spam records.
- Fraudulent campaign data.
- Malware.
- Illegal content.
- Prohibited business data.
- Fake invoices.
- Unauthorised personal data.
- Harmful files.
- Data causing legal or security risk.
42. Special Rule for WhatsApp Opt-Out Records
Opt-out records may be retained even after marketing contact deletion.
Purpose of retaining opt-out records:
- To prevent future unwanted messages.
- To prove opt-out handling.
- To defend against complaints.
- To support compliance.
- To avoid re-importing unsubscribed contacts.
Recommended retention:
Active account period + 3 years, unless a longer period is required due to dispute, legal claim, or regulatory issue.
Opt-out records should be used only for suppression and compliance, not for marketing.
43. Special Rule for Billing and Invoice Records
Billing and invoice records cannot normally be deleted on customer request during the statutory retention period.
These records may include:
- SaaS invoices.
- Hardware invoices.
- GST invoices.
- Credit notes.
- Debit notes.
- Payment records.
- Refund records.
- Purchase orders.
- Contracts.
- Tax records.
- Recommended retention:
8 financial years, or longer where required due to legal, GST, tax, audit, investigation, or dispute requirements.
44. Special Rule for Security Incident Records
Security incident records may be retained longer than normal operational logs.
Security incident records may include:
- Incident timeline.
- Affected systems.
- Logs.
- IP addresses.
- User activity.
- Investigation notes.
- Remediation actions.
- Customer notifications.
- Legal advice.
- Regulatory communication.
Recommended retention:
|
Incident Type |
Retention Period |
|
Low-risk security events |
12 months |
|
Confirmed security incidents |
5 years |
|
Major breach or legal matter |
7 years or longer as advised by legal team |
45. Retention Review
Treewalker Digital Private Limited may review retention practices periodically.
Retention review may include:
- Data category review.
- Legal requirement review.
- Product module review.
- Subprocessor review.
- Backup review.
- Security log review.
- Customer request review.
- Deletion process review.
- Audit readiness review.
- Policy update review.
Recommended review frequency:
At least once every 12 months, or earlier if there is a legal, product, security, or business change.
46. Internal Data Disposal
When data is deleted or disposed, Galla.app may use reasonable methods such as:
- Database deletion.
- File deletion.
- Record anonymisation.
- Secure overwrite, where feasible.
- Backup expiry.
- Token/key revocation.
- Access restriction.
- Log expiry.
- Vendor deletion request.
- Account deactivation.
The method may depend on data type, system design, backup cycle, subprocessor capability, and legal obligations.
47. Retention Schedule Summary
The following summary can be used as a quick reference.
|
Data Type |
Retention |
|
Active SaaS customer data |
During subscription |
|
Post-closure SaaS data |
90 days |
|
Approved deletion request |
30 days for production deletion |
|
Backup data |
30 to 90 days |
|
Trial/demo data |
30 days after expiry |
|
POS invoices |
8 financial years |
|
GST records |
72 months from annual return due date |
|
Company accounting records |
8 financial years |
|
WMS operational records |
3 years, or longer if linked to financial records |
|
Inventory reports |
Active account + 90 days |
|
WhatsApp campaign logs |
24 months |
|
WhatsApp opt-out records |
Active account + 3 years |
|
API logs |
90 days to 12 months |
|
Security logs |
12 to 24 months |
|
Security incident records |
5 to 7 years |
|
Support tickets |
3 years |
|
Hardware warranty/service records |
Warranty period + 3 years |
|
Marketing leads |
24 months from last interaction |
|
Legal dispute records |
Dispute closure + 3 years |
48. Changes to this Policy
Treewalker Digital Private Limited may update this Policy from time to time to reflect:
- Product changes.
- Legal changes.
- GST/tax/accounting changes.
- Security requirements.
- Backup changes.
- Subprocessor changes.
- Customer requirements.
- Operational improvements.
- New Galla.app modules.
- Changes in deletion processes.
When we update this Policy, we will revise the “Last Updated” date. If changes are material, we may notify Customers through email, dashboard notice, website notice, or other reasonable means.
Continued use of Galla.app after the updated Policy becomes effective means the Customer accepts the updated Policy.
49. Contact Information
For questions about data retention, deletion, export, or privacy requests, contact:
Treewalker Digital Private Limited
Product: Galla.app
Registered Office: Vikas Plaza.38/ 1A (4), Kanappana Agrahara, Hosur Rd, Phase II, Electronic City, Bengaluru, Karnataka 560100
Legal Email: legal@treewalkerlabs.com
Support Email: support@treewalkerlabs.com
Phone: +91-6366-740-274
CIN: U72900KA2021PTC153840
GSTIN: 29AAICT9733E1ZX
50. Related Policies
This Data Retention and Deletion Policy should be read together with:
- Terms of Service.
- Privacy Policy.
- Cookie Policy.
- Data Processing Addendum.
- Subprocessor List.
- Acceptable Use Policy.
- WhatsApp Marketing Policy.
- Security Overview.
- SLA and Support Policy.
- Refund, Billing, Cancellation, and Hardware Replacement Policy.
- Responsible Disclosure Policy.
- Incident Response Policy.
