Data Retention Policy

How long we keep customer data, scan results, logs, and backups.

Last updated: 2026-05-26

PortWarden is operated by Port Warden Incorporated, a Wyoming corporation. This policy explains how we retain, delete, archive, and protect customer data, scan artifacts, reports, logs, support records, and related operational records.

Our retention posture is conservative. We try to limit what we collect and avoid keeping records longer than they are useful. At the same time, PortWarden must keep certain records long enough to provide monitoring history, investigate abuse, satisfy tax and accounting duties, respond to lawful process, and defend the service from misuse.


1) Guiding principles

  • Data minimization: we aim to collect and retain only what is reasonably necessary for the service, security, billing, support, compliance, and disclosed business purposes.
  • Customer control: customers define authorized monitoring scope, may remove assets, may export supported reports, and may request deletion subject to lawful retention limits.
  • Purpose limitation: data should not be kept simply because storage is cheap. If a record no longer supports a legitimate service, security, legal, or business purpose, it should age out or be deleted.
  • Security by reduction: the safest sensitive record is often the one we no longer have. Where retention is needed, access is restricted and data is protected using reasonable administrative, technical, and organizational safeguards.
  • Lawful restraint: we comply with applicable United States federal and state legal requirements, valid legal process, tax obligations, accounting rules, contractual duties, and abuse-prevention needs.

2) Categories of data we retain

Retention depends on the category of data and why it exists. PortWarden may retain the following categories:

  • Account and profile data: name, company, email address, account settings, plan status, and administrative preferences.
  • Monitoring configuration: domains, IP addresses, scan schedules, endpoint labels, ownership verification status, and notification preferences.
  • Scan artifacts: raw scanner output, temporary working files, screenshots where applicable, normalized JSON, generated reports, and evidence used to explain findings.
  • Historical reports and findings: summaries, trend history, diff data, remediation status, and retest history used to show what changed over time.
  • Security and access logs: login events, access metadata, IP addresses, user-agent strings, rate-limit events, administrative actions, errors, and abuse-prevention signals.
  • Support and communications: support tickets, customer messages, notes needed to resolve requests, and records of deletion or export actions.
  • Billing and business records: invoices, receipts, subscription history, transaction identifiers, tax records, and accounting records. Payment card data is handled by payment processors and is not intended to be stored by PortWarden directly.
  • Marketing attribution and analytics: limited referral, campaign, and usage analytics used to understand customer acquisition and improve the site and service.
  • Aggregated or de-identified data: operational metrics, product analytics, abuse trends, and service-health statistics that are no longer reasonably tied to an identifiable customer or user.

3) Standard retention schedule

The following schedule reflects our standard practice. Specific retention may vary where required by law, contract, incident response, fraud prevention, product functionality, customer request, or technical constraints.

| Data category | Typical retention period | Reason |
|---|---|---|
| Account and profile data | While the account is active, then generally deleted or de-identified within 30 days after closure unless retention is required. | Account administration, authentication, support, and service delivery. |
| Monitoring configuration | While active; generally removed within 30 days after an asset or account is deleted. | Scheduled monitoring, authorized scope control, notifications, and customer-requested deletion. |
| Ownership verification records | While an asset is monitored and up to 12 months after removal where needed for audit, abuse prevention, or dispute handling. | Proof that scanning was authorized and within customer-controlled scope. |
| Raw scan artifacts and temporary scanner output | Typically 30 days unless needed for support, abuse review, troubleshooting, customer-requested analysis, or a longer plan-specific workflow. | Evidence review, report generation, debugging, and short-term validation. |
| Normalized reports, findings, and scan history | Typically retained on a rolling basis for up to 12 months while the relevant account or plan remains active. | Change detection, trend history, retesting, remediation tracking, and customer reporting. |
| Security, access, and application logs | Commonly 30 to 90 days; up to 12 months where needed for security investigations, abuse prevention, legal defense, or reliability analysis. | Account security, intrusion detection, troubleshooting, fraud prevention, and service integrity. |
| Support tickets and customer communications | Typically up to 3 years after the last interaction, unless deletion is requested and no lawful reason requires retention. | Customer support continuity, dispute resolution, operational history, and service improvement. |
| Billing, tax, and accounting records | Generally up to 7 years, or longer if required by applicable law, audit, tax, dispute, or accounting obligations. | Tax compliance, accounting, chargeback handling, financial reporting, and legal obligations. |
| Marketing attribution cookies and referral parameters | Generally up to 90 days unless the user clears cookies sooner or a shorter period applies. | Referral attribution, campaign measurement, and fraud-resistant signup tracking. |
| Backups and disaster recovery copies | Usually age out within 30 to 60 days after deletion from active systems, unless held for security, legal, or recovery reasons. | System restoration, ransomware resilience, accidental deletion recovery, and continuity. |
| Aggregated or de-identified data | May be retained longer where it no longer reasonably identifies a customer, user, or monitored asset. | Service health, capacity planning, abuse trend analysis, and product improvement. |

4) Scan data and security artifacts

PortWarden handles security scan data differently from ordinary website analytics because scan results can reveal sensitive information about a customer’s internet-facing systems. Raw artifacts may include exposed services, banners, headers, software versions, configuration weaknesses, screenshots, vulnerability evidence, and scanner output.

For that reason, raw scan artifacts are treated as short-lived evidence. We normally keep raw artifacts only long enough to generate reports, support customer review, troubleshoot scanner behavior, and validate findings. Normalized reports and historical summaries may be retained longer because customers rely on them to compare changes, prove remediation, and understand recurring exposure.

If a customer removes an asset or closes an account, PortWarden will take commercially reasonable steps to remove active monitoring configuration and customer-visible scan history, subject to backups, legal holds, billing records, support records, fraud prevention, and security investigation needs.

5) Deletion requests

Customers may request deletion by using the client portal where available or by contacting PortWarden support. We may need to verify the requester’s identity and authority before deleting data, especially where the request affects organization-level assets, reports, or billing records.

When a valid deletion request is accepted, we aim to remove eligible data from active production systems within a reasonable period, commonly within 30 days. Some records may remain temporarily in backups until those backups expire. We do not ordinarily restore deleted customer data from backups unless needed for disaster recovery, security investigation, legal compliance, or service integrity.

Deletion may be limited, delayed, or denied where retention is reasonably necessary to comply with law, complete a transaction, maintain security, prevent fraud or abuse, resolve disputes, enforce agreements, protect legal rights, satisfy tax or accounting obligations, or respond to valid legal process.

6) Legal holds, lawful process, and disputes

If PortWarden receives a subpoena, court order, preservation request, regulatory inquiry, chargeback, abuse report, credible security incident, or other lawful request, we may preserve relevant data for as long as reasonably necessary. A legal hold overrides ordinary deletion schedules for the specific records involved.

We do not treat legal holds as a license to retain everything forever. Holds should be scoped to the matter, reviewed when appropriate, and released when the reason for preservation no longer applies.

7) Backups, archives, and secure disposal

Backups are designed for resilience, not for ordinary use. Deleted data may persist in encrypted backup media for a limited period until backup rotation removes it. Where feasible, PortWarden uses lifecycle rules, access controls, encryption, and backup expiration to reduce how long deleted information remains recoverable.

When storage media, systems, or archives are retired, PortWarden aims to use secure disposal practices appropriate to the sensitivity of the data and the type of media. Industry-standard practices include logical deletion, cryptographic erasure, secure erase, or media destruction where appropriate. We use NIST SP 800-88-style principles as a practical reference point for media sanitization decisions.

8) Vendors and processors

PortWarden may use service providers for hosting, payment processing, email delivery, analytics, support, monitoring, and related operations. Those providers may retain data according to their own policies, contracts, legal duties, and technical constraints. We aim to choose providers that support reasonable retention controls, deletion workflows, access restrictions, and security commitments.

Where a vendor keeps billing, fraud, tax, security, or transaction records, deletion may be controlled by that vendor’s legal and operational obligations. Payment card details, where used, are handled by payment processors and should not be stored directly by PortWarden.

9) Customer exports

Customers should export reports, invoices, and other supported records before deleting an account or asset if they need copies for compliance, insurance, customer reporting, audits, or internal evidence. If a structured export is needed and is not available in the portal, contact support before requesting deletion.

10) Children’s data and sensitive regulated data

PortWarden is intended for businesses and authorized security monitoring. It is not intended for children, consumer social networking, healthcare record management, financial account storage, or other systems designed to store highly regulated personal records. Customers should not intentionally submit protected health information, payment card data, government identifiers, or other unnecessary sensitive personal information into support tickets, asset labels, or free-text fields.

11) Changes to this policy

We may update this policy as the service, law, infrastructure, or security practices change. Material updates will be reflected by changing the “Last updated” date above. Continued use of PortWarden after an update means the revised policy applies going forward, subject to any separate written agreement between PortWarden and the customer.

12) Contact

Questions, deletion requests, export requests, and retention-specific inquiries can be sent through Contact PortWarden. Please identify the account, asset, report, ticket, or data category involved so we can route the request correctly and avoid deleting the wrong records.