Deletion Policy

Executive Summary

Interactive Paper GmbH maintains a comprehensive data deletion framework that ensures complete and irreversible removal of personal data in compliance with GDPR Article 17 (“Right to Erasure”) and other relevant international data protection standards. This document outlines our systematic approach to data deletion across all touchpoints of the Interactive Paper ecosystem, applicable to all clients and industries.

Scope and Data Categories

Covered Data Types:
  • Campaign Data: Recipient names, postal addresses, personalized tracking identifiers
  • Interaction Data: Engagement metrics, device identifiers, location data (when enabled)
  • Analytics Data: Aggregated campaign performance data containing personal identifiers
  • Production Data: Address lists used for printing and mailing services
Data Locations:
  • Primary production databases
  • Analytics platforms
  • Production partner systems
  • Backup systems and archives
  • Log files and audit trails

Deletion Timeline and Triggers

Automatic Deletion Schedule:
  • Campaign data: 2 years after campaign completion
  • Production data / addresses: max. 21 days after mailing completion
  • Backup data: synchronized with primary deletion + 7 days
Triggers:
  • Scheduled deletion
  • Client request
  • Legal/regulatory requirements
  • Contract termination

Technical Deletion Process

Multi-stage protocol: Identification → Verification → Execution → Confirmation
Methods include:
  • Secure overwriting
  • Cryptographic shredding for encrypted data
  • Certificates of deletion with audit trails

User-Initiated Deletion

Options are available via the cookie banner.
Response Timeline (GDPR-compliant):
  • Acknowledgment within 24h
  • Verification within 48h
  • Execution within 30 days
  • Confirmation upon completion

Subprocessor Data Management

All subprocessors are contractually obliged to:
  • Delete within specified timeframes
  • Provide confirmations and logs
  • Undergo monthly audits and annual certification reviews

Client-Specific Requirements

While this framework applies universally, clients with additional sectoral or contractual requirements (e.g., healthcare, finance, mobility, education) may request custom retention schedules, stricter deletion standards, or additional audit evidence.

Verification and Documentation

  • Deletion certificate (unique ID, campaign reference, timestamp, verification hash)
  • Comprehensive audit trail for regulators and clients

Exception Handling

  • Legal retention (e.g., tax or litigation)
  • Partial deletion via anonymization or pseudonymization

Recovery Prevention

  • Backup deletion propagation
  • Key destruction for archived data
  • CDN and cache purging

Continuous Improvement

  • Quarterly reviews, annual assessments
  • KPIs: <24h response, >99.9% completion, 100% verification accuracy

Legal Basis

This policy ensures compliance with:
  • GDPR Articles 5 & 17
  • Austrian DSG / German BDSG
  • ISO/IEC 27001 and BSI IT-Grundschutz
  • NIST 800-88, DoD 5220.22-M