DATA RETENTION POLICY

This policy ensures that Propeller Health adequately protects and maintains necessary records and documents. Additionally, this policy ensures that records that are no longer needed by Propeller Health are discarded/destroyed at the appropriate time.

  1. Administration

    1.1. Appendix A contains a Data Retention Schedule that serves as the retention and disposal/destruction for Propeller Health’s physical and electronic records.

    1.1.1. Modifications may be made to this Data Retention Schedule to ensure compliance with appropriate legislation.

    1.2. All retained information will be used solely for the purposes described in our Privacy and Cookies Policy.

  2. Suspension of Record Destruction in the Event of Legal Proceedings or Inquiries

    2.1. It may become necessary to retain data beyond the limits set forth in this Policy.

    2.1.1. Data retention may be prolonged in the event of any ongoing investigation or inquiries from EU Member State Authorities or to ensure compliance with any other legal obligation.

  3. Security of Personal Information

    3.1. Propeller Health will take reasonable technical and organizational precautions to prevent loss, misuse or alteration of your personal data.

    3.1.1. Propeller Health will store personal information in databases and logs.

    3.1.1.1. Note: Propeller Health does not store any paper copies of Personal Information. Personal Information is only stored electronically.

    3.1.2. Customers should acknowledge that the transmission of information over the internet is inherently insecure, and while Propeller Health will do everything in its power to protect information, Propeller Health cannot guarantee the security of data sent over the internet.

    3.1.3. Customers will be responsible for keeping their Username and Password for accessing Propeller Health’s website and/or mobile application confidential. Propeller Health will never ask for a password other than when needed to log into our website or mobile application.

  4. Destruction of Data

    4.1. Unless otherwise noted specifically below, data will be destroyed based on the Data Retention Schedule in Appendix A.

    4.2. Methods of Destruction

    4.2.1. Data containing health information and any personal data will be destroyed to industry standards for safe electronic deletion.

    4.3. Right to Deletion

    4.3.1. Propeller Health recognizes the users right to their own personal data. As such, all personal data will be deleted upon request of the user.

  5. Amendments and Updates to the Policy

    5.1. Propeller Health may update this policy from time to time. New and material changes to this policy will be posted at this link.

APPENDIX A – DATA RETENTION SCHEDULE

  1. The Data Retention Schedule below outlines Propeller Health’s Policy for maintaining and destroying records as necessary.
Record Type
Storage Location
Person Responsible for Storage
Retention Time Period
Complaint Files
Customer Complaint System
CX Administrator
No less than 2 years based on FDA regulation
Inventory Records
CRM
CRM Administrator
To be retained for the life of the device
Database Files
AWS, various regions
DevOps Administrators
Stored Until Program Completion
Audit Logs (Database)
AWS, various regions
DevOps Administrators
6 months
Backups
AWS, various regions
DevOps Administrators
6 months
Personal Health Data
AWS, various regions
DevOps Administrators
Stored until Program Completion