Data Retention Policy

1. Purpose

This policy defines how Machool Technologies Ltd. ("Machool") collects, retains, archives, anonymizes, and deletes personal and operational data. It supplements Section 11 of Machool's Privacy Policy and applies to all data processed through Machool's shipping platform, APIs, and related services.

2. Scope

This policy applies to all data categories processed by Machool, including:

  • Shipment data (origin, destination, parcel details, carrier information)
  • Customer and recipient personal information (name, address, contact details)
  • Shipment charge and financial data
  • Platform usage and diagnostic data
  • API transaction logs

3. Data Retention Schedule

Shipment & Customer Data: Retained in the active production database for 2 years from the date of shipment creation or last update. Financial & Billing Data: Retained for a minimum of 7 years to comply with applicable Canadian tax and accounting regulations. Platform Usage & Diagnostic Data: Retained for up to 12 months for performance monitoring, security analysis, and service improvement purposes. API Transaction Logs: Retained for up to 30 days for debugging, integration support, and security auditing purposes.

4. Archiving and Anonymization

To ensure data minimization while preserving operational continuity, Machool applies the following archiving process:

  • Upon creation or update of any shipment or shipment charge record, an automated job is triggered to replicate the data to Machool's dedicated archive service.
  • Prior to being stored in the archive database, all personal identifiers are anonymized. This ensures that archived records cannot be used to identify any individual.
  • At the beginning of each calendar month, Machool's production database is purged of all shipment records older than 2 years. Anonymized records in the archive are retained as required for analytical and compliance purposes.


This approach ensures that personal data is not retained in identifiable form beyond what is necessary to fulfill its original purpose, consistent with the principles of PIPEDA and Quebec Law 25.

5. Data Deletion

Personal data that has exceeded its retention period is permanently deleted from Machool's production systems through automated monthly purge processes. Anonymized records in the archive service do not constitute personal data and are retained for aggregate reporting and audit purposes.
Customers and data subjects may also request deletion of their personal data at any time in accordance with Section 6 of Machool's Privacy Policy by contacting contact@machool.com.

6. Data Security During Retention

All retained data, whether in active production systems or the archive service, is protected in accordance with Section 10 of Machool's Privacy Policy. Access to retained data is restricted to authorized Machool personnel on a need-to-know basis.

7. Third-Party Data Processors

Where personal data is shared with carrier partners or third-party service providers for the purpose of shipment fulfillment, such parties are contractually required to adhere to data retention and protection standards comparable to those set out in this policy.

8. Policy Review

This policy is reviewed annually or upon material changes to Machool's data processing practices, applicable law, or enterprise partner requirements. The most current version of this policy is available upon request.

9. Contact

For questions regarding this policy or to submit a data retention or deletion request, please contact: Machool Technologies Ltd. 101-3321 Dunbar Street, Vancouver, BC V6S 2B9 Email: contact@machool.com