Data Retention & Deletion FAQs
Understanding your responsibilities and rights
Retention Basics
Will EncryptInvoice keep my invoices for me?
Will EncryptInvoice keep my invoices for me?
EncryptInvoice is a SaaS platform, NOT an accounting firm. We are NOT legally obligated to retain your financial records.
We provide data retention features as a convenience, but YOU are legally responsible for maintaining your own records according to your local tax and accounting laws (typically 7-10 years for invoices).
We strongly recommend:
- Regularly downloading your documents (weekly or monthly)
- Storing them in a secure backup location
- Keeping multiple copies (local + cloud)
- Consulting with your accountant about retention requirements
Remember: Retention periods are offered as helpful guidance and features, not as a legal obligation on our part.
How long should I keep my financial documents?
How long should I keep my financial documents?
Retention requirements vary by country and document type:
| Country | Invoices & Credit Notes | Quotes |
|---|---|---|
| Belgium | 10 years | 3 years |
| Germany (GoBD) | 10 years | 3 years |
| France | 10 years | 3 years |
| Netherlands | 7 years | 3 years |
| EU Default | 7 years | 3 years |
โ ๏ธ This is guidance only, not legal advice
Local laws vary and may change. Always consult with your accountant or tax advisor to understand your specific retention requirements.
GDPR & Deletion
What happens if I delete my account?
What happens if I delete my account?
When you request account deletion:
- We check if documents are under recommended retention:
- If YES: We show retention warnings and document counts
- You must download all documents and acknowledge responsibility
- You must explicitly acknowledge:
- You have downloaded all necessary records
- You accept full legal responsibility for maintaining them
- You understand EncryptInvoice is not an accounting firm
- You understand deletion is permanent
- Deletion is permanent and immediate:
- All your data is permanently deleted
- We CANNOT recover it
- Your acknowledgment is recorded for legal protection
๐จ Critical: Once deleted, data CANNOT be recovered!
Make absolutely sure you have downloaded everything you need before proceeding.
Can I delete my data during the retention period?
Can I delete my data during the retention period?
Yes! EncryptInvoice fully respects your GDPR Article 17 right to erasure, even during recommended retention periods.
How it works:
- We'll warn you about the retention requirements
- We'll show you which documents are affected
- We'll provide download options
- You must explicitly acknowledge your responsibility
- We'll record your acknowledgment for compliance
- Then we'll proceed with deletion
Important: Local tax laws may require you to keep financial records for up to 10 years. Deleting them from our system doesn't change your legal obligations. You must download and keep them yourself.
Why do I need to acknowledge my responsibility?
Why do I need to acknowledge my responsibility?
This protects both you and us:
For You:
- It's a clear reminder that you need to download your documents
- It helps you make an informed decision
- It clarifies your legal responsibilities
For Us:
- It creates a clear legal record
- It protects us from liability if you face tax issues later
- It demonstrates GDPR compliance (respecting your rights while documenting the process)
We record: Your IP address, timestamp, the exact acknowledgment text, retention status at the time, and which documents were deleted.
Account Plans
What's the difference between Free/Pro and Business/Enterprise for retention?
What's the difference between Free/Pro and Business/Enterprise for retention?
Free & Pro Plans:
- No Archive-Vault: No long-term archival guarantee
- Best-effort storage: We keep your data but don't guarantee specific retention periods
- 30-day export window: After cancellation, you have 30 days to download before deletion
- Your responsibility: You MUST download and backup regularly
Business & Enterprise Plans:
- Archive-Vault included: 10-year retention guarantee (or custom for Enterprise)
- Tamper-evident storage: Integrity checks and audit trails
- Audit-ready exports: Verification checksums and metadata included
- 90-day export window: Extended time after cancellation
- Legal compliance support: Documentation for regulatory audits
Important: Even with Archive-Vault, you still have the GDPR right to request deletion at any time (with acknowledgment if during retention).
Best Practices
How should I backup my financial documents?
How should I backup my financial documents?
Recommended Backup Strategy:
- Regular exports: Download all documents weekly or monthly
- Multiple locations: Keep copies in at least 2 different places
- Long-term format: Use PDF/A-3 for archival (we provide this)
- Verify downloads: Check that files open correctly after download
- Secure storage: Use encrypted cloud storage or secure physical storage
- Document your process: Keep a record of your backup procedures
What to Export:
- All invoices (PDF/A-3 + UBL XML)
- All credit notes
- All quotes
- Payment records
- Customer information
- All attachments (receipts, contracts, etc.)
Tip: Business and Enterprise plans include automated Archive-Vault, but we still recommend your own backups for extra safety.
Can I delete individual invoices instead of my whole account?
Can I delete individual invoices instead of my whole account?
Currently, individual document deletion is not available during retention periods. Here's why:
Tax and Audit Requirements:
- Tax authorities often require complete, unbroken invoice sequences
- Missing invoice numbers can trigger audit flags
- Maintaining document integrity is important for compliance
Alternative Options:
- Mark as cancelled: You can cancel individual invoices (they remain in the system)
- Wait for retention to expire: Once past retention, deletion may be possible in the future
- Full account deletion: Delete your entire account with acknowledgment
Note: This policy protects both you (from accidental compliance issues) and us (from facilitating non-compliant deletions).
Technical
What happens to my data in backups after deletion?
What happens to my data in backups after deletion?
When you request deletion:
Primary Systems (Immediate):
- Your data is deleted from our production database immediately
- All files are removed from storage immediately
- You cannot access your account anymore
Backup Systems (Gradual):
- Free/Pro plans: Backups are overwritten within 30 days
- Business/Enterprise: Backups are overwritten within 90 days
- This is normal and GDPR-compliant (backups are for disaster recovery, not active storage)
What We Keep (Legal Requirements):
- Audit logs: Anonymized record that a deletion occurred (no personal data)
- Acknowledgment record: Your explicit acknowledgment for legal protection
- Financial transaction records: For accounting/tax purposes (7 years)
How do I download all my data?
How do I download all my data?
You can export all your data using the GDPR & Privacy page:
- Go to Settings โ GDPR & Privacy
- Click "Request Data Export"
- Export is generated immediately (or within minutes for large datasets)
- Click "Download Data" to get your export
- Click "Download Attachments" to get all files
What's Included:
- JSON export: Machine-readable format with all your data
- PDF exports: Human-readable invoices, quotes, credit notes
- UBL XML: Standard e-invoicing format
- Attachments ZIP: All uploaded files (receipts, contracts, etc.)
Tip: Export regularly (monthly) so you always have a current backup.
Still have questions?
For specific questions about your legal obligations, please consult with your accountant or tax advisor. For questions about our platform, visit the GDPR & Privacy page in your account settings.