WordPay seeks to ensure that it retains only data necessary to conduct its program activities and work in fulfilment of its mission. The need to keep data varies widely with the type of data and the purpose for which it was collected. WordPay strives to ensure that data is only retained for the period necessary to fulfil the purpose and is entirely deleted when no longer required. This policy sets forth WordPay’s guidelines on data retention and is to be applied throughout the organisation.

Scope

This policy covers all data collected by WordPay and stored on WordPay-owned or leased systems and media, regardless of location. It applies to data collected and held electronically (including photographs, video and audio recordings) and data collected and stored as hard copy or paper files. The need to retain certain information may be mandated by federal or local law, federal regulations and legitimate business purposes, and the EU General Data Protection Regulation (GDPR).

Reasons for Data Retention

WordPay retains only the data necessary to effectively conduct its program activities, fulfil its mission and comply with applicable laws and regulations. Reasons for data retention include: • Providing ongoing service to the data subject (e.g. usage of the WordPay ad service, processing of employee payroll and other benefits) • Compliance with applicable laws and regulations associated with financial and programmatic reporting by WordPay to its funding agencies and other donors • Compliance with applicable labour, tax and immigration laws • Other regulatory requirements • Security incident or other investigation • Intellectual property preservation • Litigation

Data Duplication

WordPay seeks to avoid duplication in data storage whenever possible. However, there may be instances where data must be held in more than one place for programmatic or other business reasons. This policy applies to all data in WordPay’s possession, including duplicate copies of data.

Retention Requirements

WordPay has set the following guidelines for retaining all personal data as defined in the company’s data privacy policy.

• Website visitor data will be retained as long as necessary to provide the service requested/initiated through the WordPay website.

We retain Data about data subjects accessing our service under the following circumstance:

If you have consented to this as part of processing until you withdraw your consent

If we need the data to undertake an agreement until the contractual relationship with you ceases or legal retention periods expire

If we use the data based on legitimate interest until your overriding interest obliges us to delete or anonymise them

• Data associated with tax payments (including payroll, corporate and VAT) will be held for five years.

Information is retained for extended periods for limited purposes

Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period. For example, when WordPay processes a payment for you or you make a payment to WordPay, we’ll retain this data for extended periods as required for tax or accounting purposes. Reasons we might have some data for more extended periods include:

• Security, fraud & abuse prevention • Financial record-keeping • Complying with legal or regulatory requirements • Ensuring the continuity of our services

Data Destruction

Data destruction ensures that WordPay manages and processes the data it controls efficiently and responsibly. When a data subject requests to have their data removed, we will begin our process designed to safely and completely delete the data from our storage systems. Safe deletion is necessary to protect our users and customers from accidental data loss. This process generally takes up to a week to ensure the data subjects' data is removed from all our storage systems. When the retention period for the data as outlined above expires, WordPay will actively destroy the data covered by this policy. Suppose an individual believes that there exists a legitimate reason why specific data should not be destroyed at the end of a retention period. In that case, they should identify this data to their supervisor and provide information as to why the data should not be destroyed. In rare circumstances, a litigation hold may be issued by legal counsel prohibiting the destruction of certain documents. A litigation hold remains in effect until legal counsel releases and prohibits the destruction of data subject to the hold.