Data Retention & Deletion Policy

1. Purpose & Scope

ReelCiety is committed to responsible data stewardship. This policy defines the principles, timelines, and safeguards governing the retention and deletion of personal data associated with users, creators, advertisers, and business partners. It applies to all data processed through ReelCiety’s applications, websites, infrastructure, and internal systems.

This policy exists to:

• Comply with privacy laws such as GDPR, CCPA, and equivalent global frameworks
• Protect user rights and expectations
• Enable platform security, abuse prevention, and trust enforcement
• Defend Nexa-Group and ReelCiety against legal, regulatory, and fraud risks

2. Data Categories Covered

ReelCiety processes and retains multiple categories of data, including but not limited to:

• Account registration information (username, email, phone number)
• Profile information (bio, profile photo, public metadata)
• User-generated content (photos, videos, captions, comments)
• Private communications (messages, replies, interaction logs)
• Technical and device data (IP addresses, login history, device identifiers)
• Security logs and abuse detection signals
• Payment, transaction, and monetization data (where applicable)
• Support tickets, reports, and appeal records

3. Retention Principles

ReelCiety follows strict data minimization and proportionality principles. Data is retained only where there is a legitimate business, legal, or safety purpose. Retention decisions are based on:

• Operational necessity
• User consent and expectations
• Legal and regulatory obligations
• Security, fraud prevention, and abuse mitigation
• Defense against legal claims or disputes

4. Standard Retention Periods

While retention periods vary by jurisdiction and data type, general guidelines include:

• Active Account Data: Retained for the duration of the account’s existence.
• Deleted Content: Removed from public view immediately, with backend retention for limited periods to support safety reviews, abuse investigations, and legal compliance.
• Deactivated Accounts: Data preserved until the account is reactivated or fully deleted.
• Security Logs: Retained for extended periods to detect, prevent, and investigate abuse or cyber threats.
• Financial Records: Retained as required by tax, accounting, and anti-fraud laws.

5. Account Deletion & Data Erasure

When a user requests account deletion, ReelCiety initiates a structured deletion workflow. This process includes:

• Verification of account ownership
• Immediate removal of public profile visibility
• Queued deletion of associated content and identifiers
• Retention of limited records where legally required

Complete erasure may be delayed where data is subject to legal holds, investigations, or regulatory obligations.

6. Legal Holds & Mandatory Retention

Certain data must be retained even after deletion requests when:

• Required by law enforcement or court orders
• Necessary to investigate abuse, fraud, or safety violations
• Needed to defend against legal claims
• Mandated by financial or regulatory authorities

During such periods, access is strictly limited and data is not used for unrelated purposes.

7. Anonymization & Aggregation

Where possible, ReelCiety anonymizes or aggregates data instead of retaining personally identifiable information. Anonymized data may be used for:

• Platform analytics
• Safety trend analysis
• Product improvement
• Statistical reporting

8. Security of Retained Data

All retained data is protected using industry-standard security measures, including encryption, access controls, monitoring, and regular audits. Access is restricted to authorized personnel only.

9. User Rights

Users have the right to:

• Request information about retained data
• Request deletion where legally permissible
• Object to certain processing activities
• File complaints with data protection authorities

10. Policy Updates

This policy may be updated to reflect changes in law, technology, or business operations. Material updates will be communicated through the platform or official notices.

11. Contact Information

Privacy Office: privacy@reelciety.com
Legal & Compliance: legal@nexa-group.org