GDPR Art 5(1)(e) · FRCP Rule 37(e) · 5AMLD · IRS §6001 · HIPAA §164.530(j) · Deep Prototype

RetentionPolicy — Data Retention Schedule

38 data classes with retention period, source of the rule (regulation / contract / business / legitimate-interest / consent), legal-hold trigger, deletion mechanism, evidence of execution. Surfaces 2 over-retained classes (Twilio SMS, Mixpanel events), 2 with no automated deletion (legacy mongo, ChinaPartnerCo archive), and 2 active legal holds (DOJ subpoena, SEC TCR).


What it is

The shape behind every information-governance retention schedule — what an OpenText, Onna, Logikcull, Everlaw deployment is actually built around. Each data class on one screen with the retention period, the legal source, the trigger, the mechanism, and the evidence.

What’s in it

  • 38 data classes spanning the realistic SaaS surface — identity (customer profile, login identifiers), financial (payment tokens, transactions, invoices), operational (server logs, support tickets, attachments), sensitive (KYC docs, healthcare, employee performance), compliance (audit log, DSAR records, whistleblower reports, OFAC hits, SAR filings), backup (warm + cold).
  • Per-class shape (5 fields + status):
    • retention period (with the rationale: financial 7y, security 90d, consent 3y, healthcare life-of-relationship + 6y)
    • source — regulation / contract / business / legitimate-interest / consent
    • basis citation — IRS §6001, 5AMLD, GoBD (DE 10y), HIPAA §164.530(j), GDPR Art 5(1)(e)
    • trigger — what event starts the retention clock
    • mechanism — soft-delete, S3 lifecycle expiry, vendor TTL, Glacier rotation
    • evidence — the audit-log line that proves the deletion ran
  • 5 anomaly statuses surfaced:
    • R023 Twilio SMS bodies — 13mo vendor default, OVER our minimization standard (RtbfFlow S14 + IncidentLog INC-05103)
    • R024 Mixpanel events — 5y vendor default, sunsetting
    • R035 legacy mongo — NO automated deletion mechanism
    • R036 ChinaPartnerCo archive — NO automated mechanism, manual delete planned 2025-12
    • R037 DOJ subpoena hold — FRCP Rule 37(e) preservation; affects order_history Q3 2023
    • R038 SEC TCR hold — Dodd-Frank §922 + parallel SOX hold; cross-references WhistleblowerIntake WB-002447
  • Per-class SQL preview — copy-pasteable retention-trigger SQL with AND NOT on_legal_hold.

Why this shape

GDPR Art 5(1)(e) storage limitation is the foundational constraint — keep no longer than necessary. CCPA §1798.105 demands erasure on request. IRS §6001 + 5AMLD + GoBD mandate financial retention. FRCP Rule 37(e) governs preservation under litigation hold. HIPAA §164.530(j) governs PHI retention. Every class lives at the intersection of these. RetentionPolicy prototypes the schedule that surfaces the conflicts.

How it ships

Single HTML file, ~21KB. Zero dependencies. 38 classes × 5-field shape + per-class SQL templating + legal-hold flag in 240 lines of vanilla JavaScript.
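
A sketch of the per-class SQL templating with the legal-hold guard described above, as an added example that is not the tool's own code. The field names (`table`, `clockColumn`, `retentionDays`, `mechanism`), the table names, the `deleted_at` column, the mechanism names and the SQL interval syntax are assumptions; only the `AND NOT on_legal_hold` guard and the R035 class come from the page.

```javascript
// Added example. Field names, tables and SQL dialect are assumptions, not the tool's code.
const IDENT = /^[a-z_][a-z0-9_]*$/; // allow-list: identifiers cannot be bound as parameters

// Only mechanisms expressible as SQL are modelled here (names are hypothetical).
const ACTIONS = new Map([
  ["delete", (t) => `DELETE FROM ${t}`],
  ["soft-delete", (t) => `UPDATE ${t} SET deleted_at = CURRENT_TIMESTAMP`],
]);

function retentionSql(cls) {
  if (cls.mechanism === null) return null; // no automated deletion exists for this class
  const action = ACTIONS.get(cls.mechanism);
  if (!action) throw new Error(`${cls.id}: mechanism not expressible as SQL`);
  for (const name of [cls.table, cls.clockColumn]) {
    if (!IDENT.test(name)) throw new Error(`${cls.id}: unsafe identifier`);
  }
  if (!Number.isInteger(cls.retentionDays) || cls.retentionDays <= 0) {
    throw new Error(`${cls.id}: retention period must be a positive day count`);
  }
  const lines = [
    action(cls.table),
    `WHERE ${cls.clockColumn} < CURRENT_TIMESTAMP - INTERVAL '${cls.retentionDays}' DAY`,
    "  AND NOT on_legal_hold", // held rows are never selected, whatever their age
  ];
  if (cls.mechanism === "soft-delete") lines.push("  AND deleted_at IS NULL");
  return lines.join("\n") + ";";
}

// Split the schedule into runnable jobs and classes that need manual follow-up.
function buildSchedule(classes) {
  const jobs = [];
  const anomalies = [];
  for (const cls of classes) {
    const sql = retentionSql(cls);
    if (sql === null) anomalies.push({ id: cls.id, status: "no automated deletion" });
    else jobs.push({ id: cls.id, sql });
  }
  return { jobs, anomalies };
}

// Constructed sample rows; only the R035 id and its missing mechanism come from the page.
const SAMPLE = [
  { id: "S-1", table: "server_logs", clockColumn: "created_at", retentionDays: 90, mechanism: "delete" },
  { id: "S-2", table: "support_tickets", clockColumn: "closed_at", retentionDays: 1095, mechanism: "soft-delete" },
  { id: "R035", table: "legacy_mongo", clockColumn: "created_at", retentionDays: 365, mechanism: null },
];
const schedule = buildSchedule(SAMPLE);
for (const job of schedule.jobs) console.log(`-- ${job.id}\n${job.sql}\n`);
console.log("needs manual follow-up:", schedule.anomalies);
```

Because the class definitions are interpolated into SQL text that someone will copy and run, the identifier allow-list and integer check keep a malformed schedule entry from producing a statement that does something other than the retention delete.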
