Grace Connect Legal Center
Data Retention & Deletion Schedule
Retention guidance for Grace Connect account, church, community, message, location, support, and security data.
Last Updated: June 16, 2026
Purpose
This schedule defines how long Grace Connect aims to keep different categories of data, unless a longer period is required for legal, security, fraud, church administration, backup, audit, dispute, or safety reasons.
| Data Category | Typical Retention | Reason |
|---|---|---|
| Account profile and authentication metadata | While account is active; deleted or anonymized after verified deletion request unless retention applies | Account access, identity, support, and church membership |
| Legal acceptance records | Up to 7 years after account deletion or dispute closure | Proof of Terms, Privacy Policy, age confirmation, and consent |
| Church registration records | While church is active; up to 7 years after closure | Verification, authorization, audit, and dispute handling |
| Roles and admin access logs | While active; up to 7 years after role change or account closure | Security, accountability, abuse prevention, and audit |
| Community posts, comments, testimonies, reactions | Until deleted, expired, church removes it, account deletion applies, or retention is needed | Community functionality and moderation |
| Direct messages and chat media | Usually until deleted or expired by configured vanishing rules; reports/backups may last longer | Messaging, safety, abuse investigation, and backup recovery |
| Prayer requests and pastoral-care records | While needed for care and church follow-up; review periodically; retain longer only if needed | Care support, pastoral follow-up, safety, and church accountability |
| Attendance and location-derived check-in records | Up to 3 years unless church policy or law requires otherwise | Attendance reporting, service records, ministry follow-up, and anti-fraud |
| Raw precise location signals | Keep only as long as needed to determine attendance; avoid long-term storage unless necessary | Privacy protection and data minimization |
| Giving links and transaction references | Up to 7 years where financial or church accounting records require it | Receipts, reconciliation, audit, dispute, and legal obligations |
| Support tickets and attachments | Up to 3 years after closure; delete sensitive attachments sooner where possible | Support history, troubleshooting, and issue tracking |
| Device diagnostics, logs, app analytics | Up to 24 months unless security investigation requires longer | App quality, security, debugging, and performance |
| Content reports and moderation actions | Up to 7 years after final action | Safety, repeat-offender prevention, legal defense, and audit |
| Backups | Expire according to provider backup cycle, usually 30-180 days where configured | Disaster recovery and operational continuity |
Deletion Method
Grace Connect may delete, anonymize, aggregate, archive, or restrict data depending on the data type and reason for retention. Where immediate deletion is not possible from backups, backup copies should expire according to the backup cycle.