Trust center
Default retention
Conversation transcripts and uploaded documents are kept for as long as your contract is active. After contract termination there is a six-month grace window during which the data remains restorable on request, after which it is permanently deleted. The grace window exists so a contract that is renewed or reactivated does not lose work; it can be shortened to zero by request, in which case all data is deleted immediately on termination.
What is not retained for training
None of your prompts, documents or conversations are retained for AI-model training, fine-tuning or improvement. The same prohibition is mirrored in every contract Localign signs with an external model provider engaged under Mode B, and is restated in the AI Annex you sign with us. See the Compliance — EU AI Act page for the contractual hook.
What you can delete on demand
Each user can delete a single conversation or a single uploaded document from the app. Organisation administrators can delete a user's full set of conversations and documents from the admin panel, and can trigger a full account export-and-delete (machine-readable export bundle, then irreversible deletion). All three actions are logged.
Backups
Backups are encrypted and retained for 30 days, then rotated. A deletion you trigger today is honoured in live storage immediately, and propagates through the backup rotation within that 30-day window. We do not restore deleted data from backup except to recover from a verified incident, and never against the customer's instructions.
Logs and telemetry
Operational logs (latency, error rates, traffic shape) carry no message content and are retained for 90 days. Cost and usage records — token counts per user, monthly billing rollups, invoice records — are retained per accounting law (seven years in the Netherlands). Authentication and admin audit-logs are retained for 24 months for security forensics.