Once Customer Data is stored in DurhamONE Platform, our systems are designed to store the data securely until it completes the stages of DurhamONE’s data deletion pipeline. This section describes this process in detail.
The deletion of Customer Data begins when the customer initiates a deletion request. Deletion requests may be handled in different ways depending on the scope of the customer’s request:
Resource Deletion: Individual resources containing Customer Data, such as the DurhamONE website, can be deleted upon request
Account Deletion: When you delete your DurhamONE account, it deletes all DurhamONE posts that are solely owned by you. Note that when there are multiple owners for a project, the project is not deleted until all owners are removed from the project or delete their DurhamONE accounts.
While deletion requests are designed primarily to be used by Customers to manage their data, DurhamONE may issue deletion requests automatically, for instance when a customer terminates their relationship with DurhamONE.
Soft deletion is the natural point in the process to provide a brief internal staging and recovery period to ensure that there is time to recover any data that has been marked for deletion by accident or error. Individual DurhamONE products may adopt and configure such a defined recovery period before the data is deleted from the underlying storage systems so long as it fits within DurhamONE’s overall deletion timeline.
When a DurhamONE account is closed, DurhamONE may impose an internal recovery period up to 30 days, depending on past account activity. Once that grace period expires, a signal containing the deleted billing account user_id is broadcasted to resources tied solely to that user_id are marked for deletion.
DurhamONE’s website is engineered to achieve a high degree of speed, availability, durability, and consistency, and the design of systems optimized for these performance attributes must be balanced carefully with the need to achieve timely data deletion. DurhamONE commits to delete Customer Data within a maximum period of about six months (180 days). This commitment incorporates the stages of DurhamONE’s deletion pipeline described above, including:
Stage 1 – Once the deletion request is made, data is typically marked for deletion immediately and our goal is to perform this step within a maximum period of 24 hours. After the data is marked for deletion, an internal recovery period of up to 30 days may apply depending on the service or deletion request.
Stage 2 – The time needed to complete garbage collection tasks and achieve logical deletion from active systems. These processes may occur immediately after the deletion request is received, depending on the level of data replication and the timing of ongoing garbage collection cycles. From deletion requests, it generally takes about two months to delete data from active systems, which is typically enough time to complete two major garbage collection cycles and ensure that logical deletion is completed.
Stage 3 – DurhamONE backup cycle is designed to expire deleted data within data center backups within six months of the deletion request. Deletion may occur sooner depending on the level of data replication and the timing of backup cycles