Data Retention Policy

RUTIN retains data only for:

• platform operation
• security protection
• community governance integrity
• legal compliance
• user safety
• service improvement

Data is not stored indefinitely without reason.

RUTIN stores:

Account Information

• user ID
• phone number (if used for login)
• email address (if used)
• account creation timestamp

Identity Layer Data

Because RUTIN supports multi-identity architecture:

• public identity
• private identity
• professional identity
• identity settings
• identity visibility preferences

Community Participation Data

• community memberships
• leader roles
• rule proposals
• votes
• impeachment participation
• petition signatures

This data supports governance transparency.

Content Data

• posts
• comments
• reactions
• messages
• broadcast content
• attachments metadata

Notification Data

• alerts
• broadcast notifications
• system notifications
• delivery status logs

Security Logs

• login timestamps
• OTP verification attempts
• rate-limit triggers
• suspension actions
• moderation activity

Used to detect abuse.

Account Data

Retained:

• until account deletion request
• or legal requirement
• or safety investigation completion

Identity Data

Retained:

• until account deletion
• or identity removal request

Some moderation history may remain longer for safety.

Community Governance Data

Because RUTIN supports elections and impeachment:

Retained:

• as long as community exists
• or until governance audit window expires

This protects:

• leader legitimacy
• rule transparency
• member trust

Posts and Comments

Retained:

• until deleted by user
• or removed for moderation reasons

Removed content may remain temporarily in security logs.

Messages

Retained:

• until deleted by sender or recipient
• or removed under safety enforcement

Encrypted storage practices apply where available.

Notification Logs

Retained:

up to 180 days

For delivery reliability and audit tracking.

Security Logs

Retained:

up to 12 months

For fraud detection and compliance readiness.

When users delete their account:

RUTIN removes:

• profile visibility
• identity activity access
• community participation ability

However, limited records may remain for:

• legal compliance
• fraud prevention
• governance integrity
• security auditing

Example:

Voting history may remain anonymized.

Because RUTIN enables democratic leadership:

The platform may retain:

• rule proposal history
• vote counts
• petition outcomes
• leadership transitions

This ensures:

• community transparency
• audit reliability
• dispute prevention

Records may be anonymized when appropriate.

RUTIN may retain data longer when required under:

• Indian law
• court orders
• government requests
• fraud investigations
• platform abuse detection

RUTIN follows:

• purpose limitation
• minimal collection
• controlled retention
• secure deletion practices

We do not retain unnecessary personal data.

Initially:

• India-first launch infrastructure
• secure cloud providers
• restricted internal access

Future expansion may include global infrastructure.

Users will be informed when required.

Users may request deletion of:

• account data
• identity data
• content data
• community participation records (where possible)

Requests can be submitted via:

security@rutin.co.in

RUTIN protects retained data using:

• access control systems
• authentication enforcement
• rate-limit protection
• moderation safeguards
• security logging

Infrastructure protections evolve continuously.

RUTIN does not knowingly retain sensitive minor data beyond necessary platform operation.

Requests involving minors receive priority review.

This policy may be updated when:

• laws change
• security improves
• governance expands
• platform scales globally

Users may be notified when required.