This article explains how to set up your data retention policies in TrackTik. Retention policies let you decide how long different types of personal data stay in the system and what happens when that period ends.
What data retention policies do
Data retention policies help you manage:
- how long personal data is stored
- when anonymization or deletion takes place
- how these actions are tracked for auditing
By default, data is kept indefinitely. A retention policy must be added before TrackTik can schedule any GDPR‑related actions.
Where to configure retention policies
Retention settings appear in the system only after you enable the data retention module. When the module is off, these settings stay hidden and no automated actions are created.
Policy levels you can use
You can set retention policies at three levels:
- Global level – applies to the entire environment (e.g., your portal).
At this level, you can also define an Exclude Retention Policy, allowing you to exclude specific regions from the global rule. These excluded regions will not follow the global retention period. - Region level – used when different regions follow different rules.
Regions may also define an Exclude Retention Policy to exclude specific sites within that region from the regional rule. Excluded sites will not inherit the regional retention period. - Site level – allows for the most specific retention settings.
Sites do not have an Exclude Retention Policy option because the site is already the lowest level in the hierarchy.
The system always follows the most specific policy available. If no policy exists at any level, data is retained indefinitely.
Global retention limits
If you set a global retention period for report data, all region‑ and site‑level policies must stay within that limit.
For example:
- Global value: 7 years
- Region or site value: cannot exceed 7 years
TrackTik enforces this automatically.
How inherited settings work
When you view retention settings at a lower regional level, you may see:
- inherited values from a parent region
- overridden values set at this region
Some actions may also be hidden. For example, the “New retention policy” button is not available at the lowest regional level.
How the system applies policies
When new data is created, TrackTik determines which policy applies by following this order:
- Site‑level policy
- Region‑level policy
- Global ‑level policy
- No policy → keep data indefinitely
This ensures the most specific rule always applies.
What happens next
Once your retention policies are in place, TrackTik creates retention logs for new GDPR‑relevant data and schedules anonymization or deletion based on your settings. The system tracks all actions so you can review them during audits.