Data Retention Policy

IdeasRegistration seeks to ensure that it retains only data necessary to effectively conduct its program activities and work in fulfilment of its mission.

The need to retain data varies widely with the type of data and the purpose for which it was collected. IdeasRegistrationstrives to ensure that data is only retained for the period necessary to fulfil the purpose for which it was collected. This policy sets forth IdeasRegistration’s guidelines on data retention and is to be consistently applied throughout the organization.

Scope

This policy covers all data collected by IdeasRegistration and stored on IdeasRegistration owned or leased systems and media, regardless of location. It applies to both data collected and held electronically (including photographs, video and audio recordings). The need to retain certain information may be mandated by federal or local law, federal regulations and legitimate business purposes, as well as the EU General Data Protection Regulation (GDPR).

Reasons for Data Retention

IdeasRegistration retains only that data that is necessary to effectively conduct its program activities, fulfill its mission and comply with applicable laws and regulations.

Reasons for data retention include:

• Providing an ongoing service to the data subject

• Compliance with applicable laws and regulations associated with financial and programmatic reporting by IdeasRegistration to its funding agencies and other donors

• Compliance with applicable labor, tax and immigration laws

• Other regulatory requirements

• Security incident or other investigation

• Intellectual property preservation

• Litigation

Data Duplication

IdeasRegistration seeks to avoid duplication in data storage whenever possible, though there may be instances in which for programmatic or other business reasons it is necessary for data to be held in more than one place. This policy applies to all data in IdeasRegistration’s possession, including duplicate copies of data.

Retention Requirements

IdeasRegistration has set the following guidelines for retaining all personal data as defined in the Institute’s data privacy policy.

• Website visitor data will be retained as long as necessary to provide the service requested/initiated through the IdeasRegistration website.

• Contributor data will be retained. Financial information will not be retained in encryption format to process a single transaction.

• Event participant data will be retained, including any follow up activities, such as the distribution of reports, plus a period of;

• Personal data of subgrantees, subcontractors and vendors will be kept for the duration of the contract or agreement.

• Employee data will be held for the duration of employment and then after the last day of employment.

• Operational data related to program proposals, reporting and program management will be held for the period required by the IdeasRegistration donor.