Data Deletion Policy

1. Overview

This Data Deletion Policy explains how you can request the deletion of your personal data from the Asaleo ERP platform and what happens when you do. We respect your right to control your data and provide clear processes for data removal.

2. How to Request Data Deletion

You can request deletion of your data through any of these methods:

2.1 In-App Account Deletion

1. Log in to your Asaleo account
2. Navigate to Settings > Account > Delete Account
3. Confirm your identity by entering your password
4. Confirm the deletion request

2.2 Email Request

Send a deletion request to [email protected] from the email address associated with your account. Include:

• Your full name
• The email address associated with your account
• A clear statement that you wish to delete your account and data

2.3 Third-Party Login Users

If you signed up using Google, Facebook, or Apple, you can also revoke Asaleo's access through your third-party account settings. However, to fully delete your data from our systems, you must also use one of the methods above.

3. What Gets Deleted

When you request account deletion, we delete:

• Account data: your name, email, phone number, profile photo, and login credentials
• Session data: all active sessions and authentication tokens
• Preferences: notification settings, language preferences, and UI customizations
• Activity logs: your personal activity and login history
• Uploaded files: profile photos and personal documents

4. Business Data

Business data you created within an organization (orders, invoices, inventory records, etc.) is owned by the business and may be retained by the business organization after your account deletion. This includes:

• Business records you created or modified
• Documents uploaded to business storage
• Comments and notes on business records

Your name in business records will be replaced with "Deleted User" to maintain business data integrity while removing your personal identity.

5. Deletion Timeline

• Immediate: account access is revoked and sessions are terminated
• Within 7 days: personal data is removed from active systems
• Within 30 days: personal data is removed from all backups

During the first 7 days after a deletion request, you may contact us to cancel the request and restore your account.

6. Data We May Retain

We may retain limited information after deletion when required by law:

• Legal compliance: records required by tax, accounting, or regulatory obligations
• Fraud prevention: information necessary to prevent abuse or enforce our Terms
• Aggregated data: anonymized, non-identifiable usage statistics

7. Business Owner Deletion

If you are the sole owner of a business organization, deleting your account will require you to either transfer ownership to another member or delete the entire business organization first. Business deletion permanently removes all business data and cannot be undone.