1. Purpose

This Data Retention Policy describes how Taimet retains and deletes customer data in connection with the operation of its services.

Taimet is designed to minimize the collection and processing of sensitive or non-public information. As such, data retention practices are structured to support operational continuity while limiting unnecessary data storage.

2. Scope

This Policy applies to:

• Customer account information

• Analysis inputs (company names)

• Generated analysis reports

• Application metadata (e.g., timestamps, user actions)

• Billing and transactional records

This Policy does not apply to publicly available data sources accessed by Taimet (e.g., SEC filings), which are not owned or controlled by Taimet.

3. Data Retention During Active Accounts

Taimet retains customer data for the duration of an active customer account.

Data retained during this period includes:

• Company names submitted for analysis

• Generated analysis reports and related outputs

• User account information

• Usage metadata necessary to operate and improve the service
  
  

Retention during the active account period supports:

• Customer access to prior analyses

• Service continuity

• Customer support

• Security monitoring and system integrity
  
  
  

4. Account Termination & Retrieval Period

Upon termination of a customer account:

1. Customer Data will remain accessible for a 30-day retrieval period following termination.

2. During this period, customers may access or export their data.
   
   

After the 30-day retrieval period expires:

• Taimet will delete Customer Data within 30 days.
  
  
  

5. Deletion Process

Deletion includes:

• Removal of customer data from production systems

• Removal from active databases

• Removal from application-level storage

Encrypted backups are retained for operational resilience and are automatically overwritten in the normal course of backup rotation. Customer data contained in backups is not actively processed and will be deleted in accordance with standard backup lifecycle practices.

6. Exceptions & Limited Retention

Taimet may retain limited information beyond the deletion window where necessary for:

• Compliance with legal obligations

• Tax and financial reporting requirements

• Resolution of disputes

• Enforcement of contractual agreements

• Fraud prevention or security investigations

Such retained data will be limited to the minimum necessary and stored securely.

7. Customer-Initiated Deletion Requests

Customers may request full account deletion at any time by contacting:

support@taimet.com

Upon confirmation of identity and authorization, Taimet will process deletion in accordance with the timelines described in this Policy.

8. Security of Retained Data

All retained customer data is protected through:

• Encryption in transit

• Encryption at rest

• Role-based access controls

• Multi-factor authentication for infrastructure access

• Production environment isolation

• Access logging
  
  
  

9. Policy Updates

Taimet may update this Data Retention Policy from time to time to reflect operational, legal, or regulatory changes. Material updates will be reflected by updating the Effective Date above.