Data Retention Policy (Template)
Retention categories, review cadence, and disposal posture.
Outleap Data Retention Policy (School Template)
Status: Approved baseline template. Durations below are Outleap default retention periods and should be reflected in contract terms.
1. Purpose
Set clear retention windows, deletion triggers, and governance controls for personal data processed through Outleap.
2. Scope
Applies to student, teacher, school-admin, and operational records within Outleap platform processing.
3. Default Retention Schedule
| Dataset | Example content | Default retention period | Notes |
|---|---|---|---|
| Account and directory metadata | User IDs, role, school linkage, login metadata | Contract term + 12 months | Supports investigation, access history checks, and controlled offboarding |
| Evidence Bank entries | Structured evidence, skills tags, supporting context | End of current application cycle + 12 months | Keeps reusable evidence available through the active cycle while limiting long-tail storage |
| Draft statements (unsubmitted) | In-progress Q1/Q2/Q3 text | End of current UCAS cycle + 12 months | Keeps continuity for late applications/resits while limiting long-tail storage |
| Submitted statements + published feedback | Submission snapshots, feedback output, status history | End of UCAS cycle + 24 months | Supports school quality review and post-results support |
| Reference workflow records (where references enabled) | Reference drafts, accepted edits, finalised reference exports | End of UCAS cycle + 24 months | Retain only where references are enabled for the school |
| Non-university workflow records (future scope) | CV, cover-letter and competency-answer workspaces are in development and are not part of current processing. Retention windows would be agreed before any such workstream is enabled for the school. | Not processed today | Listed for completeness only; not a current retention category |
| Admin/audit records | Role changes, publish actions, reminder actions | 24 months | Supports accountability and incident review |
| Reminder and notification metadata | Send timestamps, milestone flags, delivery metadata | 12 months | Operational evidence only; avoid storing unnecessary message content |
| Safeguarding-linked workflow notes (if used) | Restricted staff records | Per school safeguarding policy | School policy takes precedence for child protection obligations |
4. Deletion Triggers
Delete or archive according to agreed policy when one of the following occurs:
- Retention period expires.
- Contract ends and handover/export window closes.
- Valid erasure request applies and no overriding legal basis exists.
5. Deletion and Archive Method
- Remove records from live application datasets.
- Allow managed backup lifecycle to expire per platform backup controls.
- Record deletion actions in auditable operational logs where applicable.
6. Access During Retention
- Role-based, least-privilege access only.
- Regular review of admin/staff access rights.
- Immediate removal of access when no longer required.
7. Legal Holds and Exceptions
Data may be retained beyond baseline periods where required for:
- safeguarding duties,
- active complaints/disputes,
- legal or regulatory obligations.
Any extension should include rationale, approver, and review date.
8. Governance and Review
- School owner:
[Name + role] - Supplier owner (template): Jesse Merrigan (Director, Outleap Limited), hello@outleap.io
- Last reviewed:
[YYYY-MM-DD] - Next review due:
[YYYY-MM-DD]
9. Related Documents
- Data Processing Agreement
- DPIA
- AI Safety Policy
- School records management and safeguarding policies