HomePricingSecurityBlogsPolicies
Sign In
Get Started

Data Retention Policy

Last Updated: 18/03/2025

Ezyiah is committed to handling your personal data responsibly and in compliance with Australian law. This Data Retention Policy outlines how we manage, store, and delete user data, ensuring it is retained only for as long as necessary to fulfill its intended purposes. By using Ezyiah, you agree to this Policy.

1. Purpose of the Policy

The purpose of this Data Retention Policy is to inform users about Ezyiah’s approach to data storage, retention, and deletion. This Policy complies with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and relevant tax regulations, such as the Income Tax Assessment Act 1997 (Cth).

2. Scope of the Policy

This Policy applies to all personal data collected, processed, and stored by Ezyiah. It covers information related to individual taxpayers, business owners, and tax professionals, including:

  • Personal Identifiers: Name, contact details, and identification numbers.
  • Financial Data: Income records, tax documents, and payment information.
  • Usage Data: Information about how you interact with the Ezyiah platform.
  • User-Generated Content: Documents and files uploaded by users.

3. Data Retention Periods

Ezyiah retains data for different periods based on the type of information and its purpose:

  • Tax-Related Information: User data related to tax advice and document storage is retained for a minimum of 7 years, as required by the Income Tax Assessment Act 1997 (Cth).
  • Account Information: Personal information associated with your Ezyiah account is retained for the duration of your account’s active status. If your account is deleted, the data will be securely erased after a 90-day grace period, unless required by law.
  • Analytics and Usage Data: Aggregated, non-identifiable usage data may be retained indefinitely for platform improvement and research purposes.
  • Payment Information: Payment data is retained for up to 7 years to comply with financial record-keeping obligations under Australian law.

4. Data Storage and Security

Ezyiah employs secure data storage practices to protect your personal information:

  • Encryption: All stored data is encrypted using AES-256 encryption, ensuring your information is secure at rest.
  • Secure Servers: Data is stored on servers located in secure, ISO 27001-certified data centers.
  • Access Control: Access to retained data is limited to authorized personnel who require it to perform their job duties.

5. User Rights and Data Deletion

Users have the right to request the deletion of their personal data under certain circumstances:

  • Right to Erasure: You may request the deletion of your personal information if it is no longer necessary for the purposes for which it was collected, or if you withdraw consent (where applicable).
  • Deletion Requests: To request data deletion, contact [email protected]. We will respond to your request within 30 days and confirm the deletion unless legal requirements prevent us from doing so.
  • Data Erasure Exceptions: Ezyiah may retain certain information to comply with legal obligations, such as tax record-keeping requirements or to resolve disputes.

6. Data Archiving and Disposal

Ezyiah follows strict procedures for archiving and securely disposing of data:

  • Archiving: Inactive or outdated user data is archived and stored separately from active data, reducing the risk of unauthorized access.
  • Secure Disposal: When data is no longer needed and eligible for deletion, it is securely erased using industry-standard data destruction methods, ensuring it cannot be recovered.

7. Compliance with Australian Law

Ezyiah’s data retention practices comply with relevant Australian laws and regulations:

  • Privacy Act 1988 (Cth): We follow the Australian Privacy Principles (APPs) for the lawful retention, use, and destruction of personal information.
  • Income Tax Assessment Act 1997 (Cth): We comply with legal requirements to retain tax-related records for at least 7 years.
  • Australian Consumer Law (ACL): We retain records as necessary to meet consumer protection obligations under the ACL.

8. Regular Review of Data Retention Practices

Ezyiah periodically reviews its data retention practices to ensure compliance and efficiency:

  • Annual Review: We conduct an annual review of our data retention policy and practices to ensure they align with current legal requirements and best practices.
  • User Notifications: If there are significant changes to our data retention practices, we will notify users and provide updated information on our website.

9. Data Backup and Recovery

Ezyiah has robust backup and recovery protocols to prevent data loss:

  • Regular Backups: User data is backed up regularly to secure, geographically diverse locations.
  • Disaster Recovery Plan: Our disaster recovery plan ensures that user data can be restored quickly in the event of a system failure or data loss incident.

10. Changes to the Data Retention Policy

Ezyiah may update this Data Retention Policy periodically to reflect changes in legal requirements or our data handling practices. Users will be notified of significant updates. Continued use of the platform constitutes acceptance of the revised Policy.

11. Governing Law

This Data Retention Policy is governed by the laws of the State of Victoria, Australia. Any disputes arising from this Policy will be subject to the exclusive jurisdiction of the Victorian courts.

12. Contact Information

If you have any questions, concerns, or requests regarding data retention, please contact us at:

By using Ezyiah, you acknowledge that you have read, understood, and agree to this Data Retention Policy. We are committed to handling your data responsibly and in accordance with Australian legal requirements.