Data Retention Policy

Last Updated: September 15, 2025

This Data Retention Policy explains how Ulme Tresto ("we," "us," or "our") retains, stores, and deletes personal data and other information collected through our webinar platform and related services. This policy should be read in conjunction with our Privacy Policy.

---

1. Purpose and Scope

We retain data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. This policy applies to all data collected through ulmetresto.com and associated services.

2. Data Categories and Retention Periods

2.1 Account Information

Account data including name, email address, profile information, and authentication credentials:

• Active accounts: Retained for the duration of account activity
• Inactive accounts: Retained for 36 months after last login, then anonymized or deleted
• Closed accounts: Deleted within 90 days of account closure request, except where retention is required

2.2 Webinar Content and Recordings

Live webinar sessions, recordings, chat transcripts, polls, and interactive content:

• Live session data: Retained for 24 months after webinar completion
• Recorded sessions: Retained until host deletion or 36 months, whichever comes first
• Chat transcripts and interactions: Retained for 12 months after session end
• Participant engagement data: Retained for 24 months for analytics purposes

2.3 Registration and Attendance Records

Registration forms, attendance logs, and participation certificates:

• Registration data: Retained for 36 months after event date
• Attendance records: Retained for 48 months for certification and compliance purposes
• Certificates issued: Retained indefinitely or until user requests deletion

2.4 Payment and Billing Information

Transaction history, invoices, payment methods, and financial records:

• Transaction records: Retained for 84 months (7 years) for financial compliance
• Payment card information: Not stored; processed by third-party payment processors
• Invoices and receipts: Retained for 84 months from transaction date
• Subscription history: Retained for 60 months after subscription termination

2.5 Communication Records

Email correspondence, support tickets, notifications, and customer inquiries:

• Support tickets: Retained for 36 months after ticket closure
• Email communications: Retained for 24 months from last interaction
• Marketing communications: Retained until unsubscribe, then deleted within 30 days
• System notifications: Retained for 6 months

2.6 Technical and Usage Data

Log files, IP addresses, device information, cookies, and analytics data:

• Server logs: Retained for 12 months
• Analytics data: Aggregated and retained for 36 months; individual data deleted after 18 months
• Session cookies: Deleted when browser session ends
• Persistent cookies: Retained according to cookie policy, typically 12-24 months
• Error logs and diagnostics: Retained for 6 months

2.7 Educational Progress and Achievements

Learning progress, quiz results, completion records, and certifications:

• Course completion data: Retained for 60 months
• Quiz and assessment results: Retained for 48 months
• Certificates of completion: Retained indefinitely unless deletion requested
• Learning analytics: Anonymized after 24 months and retained for research

3. Retention Requirements and Exceptions

3.1 Legal and Regulatory Compliance

We may retain data beyond standard retention periods when required by:

• Applicable laws and regulations
• Governmental requests or court orders
• Internal compliance and audit requirements
• Tax and accounting obligations

3.2 Legitimate Business Purposes

Data may be retained longer when necessary for:

• Ongoing legal proceedings or investigations
• Fraud prevention and security purposes
• Enforcing our terms of service or agreements
• Protecting rights, property, or safety
• Resolving disputes and claims

3.3 User Consent

With explicit user consent, certain data may be retained beyond standard periods for purposes such as testimonials, case studies, or continued service provision.

4. Data Deletion and Anonymization

4.1 Deletion Methods

When retention periods expire, data is deleted using the following methods:

• Permanent deletion from active databases
• Removal from backup systems within 90 days of active deletion
• Secure erasure or destruction of physical media
• Anonymization of data when aggregated statistics are needed

4.2 Anonymization Process

For research and analytics purposes, personal data may be anonymized by:

• Removing all personally identifiable information
• Aggregating data to prevent individual identification
• Applying cryptographic techniques to ensure irreversibility
• Verifying data cannot be re-identified through reasonable means

4.3 Backup Systems

Data deleted from active systems remains in backup archives for up to 90 days. Backup data is automatically overwritten during regular backup cycles and is subject to the same security measures as active data.

5. User Rights and Data Management

5.1 Access and Control

Users have the following rights regarding their retained data:

• Request access to personal data we hold
• Download copies of their data in portable formats
• Request correction of inaccurate information
• Request deletion of data (right to be forgotten)
• Object to certain data processing activities
• Withdraw consent where processing is consent-based

5.2 Deletion Requests

Users may request data deletion by:

• Contacting us at help@ulmetresto.com
• Using account deletion tools in account settings
• Submitting written requests to our registered address

We will respond to deletion requests within 30 days. Some data may be retained as permitted by law or legitimate business interests, and we will notify users of any such exceptions.

5.3 Account Closure

Upon account closure:

• Account access is immediately terminated
• Personal data is scheduled for deletion within 90 days
• Financial records are retained per regulatory requirements
• Anonymized usage data may be retained for analytics
• Users receive confirmation of account closure and data deletion timeline

6. Special Categories of Data

6.1 Sensitive Personal Information

If we collect sensitive data such as health information, racial or ethnic origin, political opinions, or similar categories, such data is:

• Retained for the minimum period necessary
• Subject to enhanced security measures
• Deleted within 12 months unless explicit consent exists for longer retention
• Never used for purposes beyond the original collection purpose

6.2 Children's Data

We do not knowingly collect data from individuals under 16 years of age. If such data is identified, it is deleted immediately unless parental consent has been verified and retention is necessary for service provision.

7. Data Storage and Security During Retention

Throughout the retention period, all data is protected by:

• Encryption during transmission and at rest
• Access controls limiting data access to authorized personnel
• Regular security audits and vulnerability assessments
• Secure data centers with physical and technical safeguards
• Monitoring systems to detect unauthorized access
• Staff training on data protection and security practices

8. Third-Party Data Processors

Third-party service providers who process data on our behalf are required to:

• Adhere to our retention schedules and deletion procedures
• Implement appropriate security measures
• Delete or return data upon contract termination
• Provide evidence of data deletion upon request
• Maintain records of data processing activities

9. International Data Transfers and Retention

When data is transferred internationally, retention periods remain consistent with this policy. Data stored in different jurisdictions is subject to:

• The same retention schedules outlined above
• Local legal requirements that may mandate longer retention
• Appropriate safeguards ensuring data protection during retention
• Coordinated deletion across all storage locations

10. Retention Schedule Review

We review and update our data retention schedules:

• Annually to ensure compliance with current regulations
• When introducing new services or data collection practices
• In response to changes in legal requirements
• Following data protection impact assessments
• Based on user feedback and rights requests

11. Record Keeping and Accountability

We maintain internal records documenting:

• Categories of data collected and retention periods applied
• Data deletion activities and schedules
• Legal basis for extended retention when applicable
• User requests for data deletion and our responses
• Regular reviews of retention practices and policy updates

12. Contact Information

For questions about our data retention practices, deletion requests, or to exercise your rights regarding retained data, please contact us:

Email: help@ulmetresto.com

Phone: +380442951820

Address: Kachaly St, 2, Ternopil, Ternopil Oblast, Ukraine, 46001

We will respond to inquiries within 30 days of receipt.

13. Policy Updates

This Data Retention Policy may be updated periodically to reflect changes in our practices, services, or legal requirements. Updates will be posted on this page with a revised "Last Updated" date. Material changes will be communicated to users via email or prominent notice on our platform.

Continued use of our services after policy updates constitutes acceptance of the revised retention practices.

---

By using Ulme Tresto services, you acknowledge that you have read and understood this Data Retention Policy and agree to the retention periods and practices described herein.