Request-token deletion and retained records

CivicPal keeps account and request-token help understandable without showing private account records on public pages. This route explains the deletion and retained-record boundary used by the current Food Access preview.

Account/profile deletion onlyRetained records may remainNo overpromised deletion

Request-token deletion scope

Request-token deletion applies to account/profile data for that request-token profile. It does not automatically delete retained operational records that CivicPal must keep for service confirmation, audit, reporting, partner, public-fund, Trust and Safety, ad/ranking integrity, or legal reasons.

Account/profile

Request-token profile deletion covers the profile fields linked to the request-token.

Retained operations

Operational records can remain when needed for confirmation, audit, reporting, safety, partner, public-fund, integrity, or legal requirements.

Lifecycle

Retained records follow milestone-based minimization, detachment, archive, and deletion timing unless an approved exception applies.

Retained record examples

These examples remain separate from request-token account/profile deletion.

service-confirmation records
audit and reporting records
partner and public-fund records
Trust and Safety records
ad/ranking integrity records
legal or approved exception records

Retained-record lifecycle

Retained records are handled with staged reduction instead of an immediate full-delete promise.

Minimized after 7 days
Detached after 30 days
Archived after 1 year
Deleted after 5 years unless an approved exception applies

Deletion promise boundary

CivicPal does not promise that operational, compliance, safety, public-fund, partner, integrity, or legal records are deleted when a request-token profile is deleted.

Request account help Review privacy Return to food support