Download PDF (Requires composer install on the server if the download does not start.)

Version: Last updated 11 April 2026. This is our published summary of retention and deletion for customers and partners. It supplements our Privacy Policy; if they differ, the Privacy Policy governs until counsel aligns them. We may engage legal counsel periodically to review this summary.

0. Official copy for questionnaires

The authoritative web address for this document is: https://bizsuite.management/pages/data-retention-deletion.php. Use that URL or a PDF exported from this page as supporting documentation for data retention and deletion questions (for example Plaid security questionnaires).

1. Principles

bizsuite.management keeps personal and business data only as long as needed to provide the service, meet legal obligations (for example tax and accounting records), resolve disputes, and enforce our agreements.

2. Account and profile data

Active accounts: Retained for the life of the subscription or trial and a short grace period after expiry where we offer recovery.
Closure: When you close an account, we delete or anonymise personal identifiers where the law allows. Some business records may need to be retained in depersonalised or statutory form — see §5.

3. Optional bank feed (Open Banking / Plaid)

While connected, we synchronise the categories of data you authorise (for example accounts, balances, transactions) for bookkeeping features.
Disconnect: You can disconnect an institution in the product; we stop new synchronisation and revoke access at the provider where their API allows.
Historical rows: Transaction lines already imported may remain in your ledger for accounting and audit unless you request erasure and the law permits deletion.

4. Payments and invoices

Records relating to invoices, payments, and VAT may be retained for the period required by UK tax and company law (often several years). Your counsel can confirm exact periods for your entity.

5. Legal holds and partial erasure

Where we must retain data because of litigation, regulatory inquiry, or statutory retention, we may restrict processing instead of deleting until the obligation ends.

6. Backups

Deleted production data may persist in encrypted backups for a limited rotation period before ageing out. Restores are performed only for legitimate recovery, not routine surveillance.

7. Periodic review

Retention schedules and subprocessors are reviewed at least annually (and when we launch material new features) so this summary and the Privacy Policy stay accurate.

8. How to exercise rights

For access, correction, portability, objection, or erasure requests, contact or use our contact form. We may need to verify your identity before processing sensitive requests.

Data retention & deletion