Skip to main content

Data Deletion

It's important to note that this process indicates Toggggle's adherence to legal compliance by creating temporary storage for data if needed for legal reasons before fully deleting it from the system.

  1. User submits deletion request: Via their account settings or UI.

  2. Evaluate retention obligations: The backend checks all third-party recipients and internal policies to determine which copies must be retained and for how long.

  3. Revoke unnecessary access: The backend immediately disable access for any party that no longer has a legal or contractual need to hold the data.

  4. Flag data for deletion: The backend marks the user’s data “pending deletion” once every remaining retention obligation has expired.

  5. Acknowledge receipt: The backend sends the user an immediate confirmation that their request is in progress.

Daily compliance check:

  • Every 24 hours, re-evaluate retention obligations.
  • Revoke any newly ineligible access.
  • Delete all data whose retention period has lapsed.

Finalize and notify:

  • After data is irreversibly deleted, send the user a “deletion complete” notification (e.g. by email).