Aspect (Legal Entity: Hume Technology AB) Data Retention Policy

Aspect (Legal Entity: Hume Technology AB) Data Retention Policy

Last Updated on 29/02/2024

See also our Terms of Service and Privacy Policy.

Data Retention Policy



This policy outlines the requirements and controls/procedures Aspect has implemented to manage the retention and deletion of customer data, in alignment with the Data Protection Agreement (DPA) and the General Data Protection Regulation (GDPR).


For Customers

In accordance with the DPA, customer data is retained by Aspect for as long as the customer account remains in active status. Upon the voluntary closure of an account, customer data enters an "expired" state. As stipulated in the DPA, expired account data will be retained for an additional 30 days post account closure. After this period, the account and related data will be permanently deleted from our systems, except when required by law to retain the data.

If an account is involuntarily suspended, a grace period of 30 days will apply during which the account will be inaccessible but may be reopened if the customer meets their payment obligations and resolves any terms of service violations.

Customers intending to back up their data from a suspended account must rectify their account status to regain access to the user interface. Following the 30-day suspension period, the account will be closed, and data will enter the "expired" state, with permanent deletion occurring 30 days thereafter.

Secure Disposal or Reuse of Equipment

Prior to the disposal or reuse of any equipment, Aspect ensures that all storage media is purged of sensitive data and licensed software. This data will either be securely overwritten or physically destroyed, adhering to the security measures outlined in Schedule 1 of the DPA.

Aspect, as a cloud service customer, is responsible for obtaining assurances from cloud service providers that they have established policies and procedures for the secure disposal or reuse of resources, consistent with the security measures outlined in the DPA.

Protection of Records

Aspect protects all records from loss, destruction, falsification, and unauthorized access or release, in accordance with legislative, regulatory, contractual, and business obligations, and the Data Protection Laws as defined in the DPA.

Aspect will verify with our cloud service providers the security measures in place for the protection of records collected and stored in the cloud. These measures must be in compliance with the GDPR, UK GDPR, and other relevant data protection laws, ensuring a level of security appropriate to the risk as per the technical and organizational measures outlined in Schedule 1 of the DPA.