Skip to main content

Data Retention and Deletion Policy

Last updated: June 25, 2026

TvRMM's retention approach is customer-centric: keep operational records long enough to make the product useful, auditable, supportable, and billable, but do not use retention to trap customers.

Active tenants

While a tenant is active, TvRMM retains tenant, organization, user, endpoint, policy, billing, support, feature-request, and operational records needed to provide the service.

Specific retention periods may vary by data type, customer settings, plan, support state, and product capability.

Logs and telemetry

Log and telemetry retention may be controlled by tenant or policy settings where available. Defaults may apply when the customer has not configured a policy.

Collected logs, performance samples, command results, audit snapshots, and event data may have different retention periods because they have different operational value and privacy risk.

Deleted and archived endpoints

Deleting or retiring an endpoint is intended to hide it from active operational views and stop normal management. TvRMM may retain historical records needed for audit, billing, support, security, legal, and account history.

Where supported, endpoint deletion queues uninstall and revokes endpoint identity material. If an endpoint is offline, local cleanup may still be needed.

Tenant export

Tenant owners should be able to export a redacted operational snapshot where the portal supports it. Exports may include tenant settings, users, organizations, endpoint records, audit data, command records, policies, and billing history.

Exports should exclude secret values, credential hashes, payment method details, raw Stripe webhook payloads, raw secret material, and other high-risk data.

Tenant deletion

Tenant deletion should queue persistent uninstall for real tenant agents before hiding operational data. Deletion may retain minimal records for legal, billing, tax, fraud-prevention, abuse-prevention, security, backup, and dispute reasons.

Some backup or log copies may persist for a limited period before normal expiry.

Inactive unpaid accounts

TvRMM may delete an inactive unpaid account or tenant when all of the following are true:

  • no real agent has been online for 30 or more days;
  • no tenant owner or administrator has logged in for 90 or more days;
  • no billing setup exists for the account.

This rule is intended for abandoned accounts, not active customers. Deletion may remove tenant records, organizations, endpoint history, queued setup material, support context, and related operational data, subject to the deletion limits below. TvRMM may retain minimal records needed for legal, tax, abuse-prevention, security, backup, or dispute reasons.

TvRMM may retain billing accounts, invoices, invoice lines, account-credit ledger entries, refunds, tax records, payment status metadata, support records, and legal notices for as long as needed to comply with law, resolve disputes, enforce agreements, and maintain accurate accounting.

Support records

Support requests, security reports, incident records, and feature requests may be retained to resolve customer issues, preserve product context, improve the service, investigate abuse, and meet legal obligations.

Deletion limits

TvRMM may decline or delay deletion when retention is required to:

  • complete export, uninstall, billing, refund, or deletion workflows;
  • comply with law, tax, accounting, or legal process;
  • investigate security incidents, abuse, fraud, or payment disputes;
  • preserve evidence;
  • restore from backup or recover from incidents;
  • protect the rights, safety, or security of customers, vanRoojen LLC, or third parties.

Customer actions before deletion

Before requesting deletion, customers should:

  • export tenant data they need to keep;
  • uninstall or clean up agents;
  • save scripts and reports needed outside TvRMM;
  • download billing records needed for accounting;
  • remove integrations and bootstrap material.

Contact

Use the contact form for retention or deletion questions.