- Receiving the Request
1.1. Data deletion requests can be received through:
User’s account settings page
Email to privacy@slackify.com
Written request to our official mailing address
1.2. All requests must be logged in our Data Request Tracking System, including:
Date and time of request
User’s identity and contact information
Method of request
Specific data requested for deletion
- Verifying the Request
2.1. Confirm the identity of the requester:
For requests through the account settings, no additional verification is needed
For email or written requests, require additional verification (e.g., account details, government-issued ID)
2.2. Verify the scope of the deletion request:
Full account deletion
Partial data deletion (specify which data)
2.3. Check if the user’s data is subject to any legal hold or ongoing investigation
If yes, inform the legal department before proceeding
- Assessing the Request
3.1. Determine if the request can be fulfilled based on:
User’s subscription status (Free, Basic, or Premium)
Legal and regulatory requirements
Operational necessity
3.2. Identify all locations where the user’s data is stored:
Active databases
Backup systems
Archived data
Logs and analytics systems
- Preparing for Deletion
4.1. Create a detailed deletion plan, including:
Data to be deleted
Systems affected
Estimated time for completion
4.2. Obtain necessary approvals:
For standard requests: approval from the Data Protection Officer
For complex cases: additional approval from Legal and IT Security teams
- Executing the Deletion
5.1. For active data:
Execute deletion queries on relevant databases
Remove user data from active systems
5.2. For Premium users with stored reports:
Delete all stored reports and associated data
5.3. For backups:
Mark the data for deletion in the next backup cycle
Ensure future restores will not reintroduce deleted data
5.4. For archived data:
If within the archival period, mark for deletion at the end of the retention period
If past the retention period, delete immediately
5.5. For logs and analytics:
Anonymize or delete user-identifiable information
- Verification of Deletion
6.1. Perform a thorough check to ensure data has been deleted from all identified locations
6.2. Run validation queries to confirm no traces of the deleted data remain
6.3. Document the completion of deletion in the Data Request Tracking System
- Notification and Documentation
7.1. Notify the user of the completion of their deletion request:
Provide a summary of what was deleted
Inform about any data retained due to legal or operational requirements
7.2. Update internal documentation:
Record the completion of the deletion process
Note any exceptions or difficulties encountered
7.3. Provide the user with a formal certificate of deletion if requested
- Follow-up
8.1. Conduct a final review after 30 days to ensure:
No data has been accidentally restored from backups
All systems reflect the deletion
8.2. Close the deletion request in the Data Request Tracking System
- Continuous Improvement
9.1. Regularly review and update this procedure based on:
User feedback
Changes in legal requirements
Technological advancements
9.2. Conduct annual training for all staff involved in the data deletion process
Last Updated: October 06, 2024
